PHPackages shopwarelabs/phpstan-shopware - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Testing & Quality](/categories/testing) 4. / 5. shopwarelabs/phpstan-shopware ActiveLibrary[Testing & Quality](/categories/testing) shopwarelabs/phpstan-shopware ============================= PhpStan Rules for Shopware 0.1.14(3mo ago)1036.5k—0.2%4[4 PRs](https://github.com/shopwareLabs/phpstan-shopware/pulls)6MITPHPPHP ^8.2CI passing Since Jan 28Pushed 3mo ago6 watchersCompare [ Source](https://github.com/shopwareLabs/phpstan-shopware)[ Packagist](https://packagist.org/packages/shopwarelabs/phpstan-shopware)[ RSS](/packages/shopwarelabs-phpstan-shopware/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (10)Dependencies (6)Versions (31)Used By (6) PHPStan Rules for Shopware 6 ============================ [](#phpstan-rules-for-shopware-6) [![Latest Version on Packagist](https://camo.githubusercontent.com/c94f91225df3aaee106e52787925d768813590bbcf14db064700199b223d5603/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f73686f70776172656c6162732f7068707374616e2d73686f70776172652e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/shopwarelabs/phpstan-shopware)[![Total Downloads](https://camo.githubusercontent.com/23fcbd518195d181533aef42cb4bf3172076cdfb78255bc239ab6e518a105bc6/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f73686f70776172656c6162732f7068707374616e2d73686f70776172652e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/shopwarelabs/phpstan-shopware)[![License](https://camo.githubusercontent.com/72369e15e5960156edd16245860a8511aed51e6b83042533092352b9e72d8c51/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c6963656e73652f73686f70776172656c6162732f7068707374616e2d73686f70776172652e7376673f7374796c653d666c61742d737175617265)](https://github.com/shopwarelabs/phpstan-shopware/blob/main/LICENSE.md) This package provides additional PHPStan rules for Shopware 6 projects. It helps developers catch common mistakes and enforce best practices specific to Shopware development. Installation ------------ [](#installation) You can install the package via composer: ``` composer require --dev shopwarelabs/phpstan-shopware ``` Usage ----- [](#usage) To use these rules, include the package's configuration file in your PHPStan configuration: ``` includes: - vendor/shopwarelabs/phpstan-shopware/rules.neon ``` or you use PHPStan Extension Installer Features -------- [](#features) - Custom rules for Shopware 6.5 specific patterns - Improved type inference for Shopware core classes - Additional checks for common Shopware development pitfalls ### Available Rules [](#available-rules) Here's a comprehensive list of all available rules: 1. **NoSuperglobalsRule**: Prevents usage of superglobals (`$_GET`, `$_POST`, `$_FILES`, `$_REQUEST`). Use proper request objects instead. 2. **DisallowFunctionsRule**: Prevents usage of certain disallowed functions in the codebase. 3. **NoEntityRepositoryInLoopRule**: Prevents EntityRepository method calls within loops to avoid N+1 query problems. 4. **NoSessionInPaymentHandlerAndStoreApiRule**: Prevents usage of session in payment handlers and Store API contexts. 5. **NoSymfonySessionInConstructorRule**: Prevents injection of Symfony Session in constructor to avoid early session starts. 6. **ForbidGlobBraceRule**: Prevents usage of glob brace expansion for better cross-platform compatibility. 7. **InternalClassExtendsRule**: Ensures proper extension of internal classes. 8. **NoUserEntityGetStoreTokenRule**: Prevents direct access to store tokens from User entities. 9. **MethodBecomesAbstractRule**: Checks for methods that should be abstract. 10. **ClassExtendUsesAbstractClassWhenExisting**: Enforces the use of abstract classes when they exist. 11. **NoDALFilterByID**: Prevents direct ID filtering in DAL queries. 12. **ScheduledTaskTooLowIntervalRule**: Ensures scheduled tasks don't have too low intervals. 13. **DisallowDefaultContextCreation**: Prevents creation of default contexts in inappropriate places. 14. **SetForeignKeyRule**: Enforces proper foreign key handling. 15. **InternalFunctionCallRule**: Controls usage of internal functions. 16. **InternalMethodCallRule**: Controls usage of internal methods. 17. **DisallowSessionFunctionsRule**: Prevents usage of session functions (`session_write_close`, `session_start`, `session_destroy`). Use the Symfony Session component instead. 18. **ForbidLocalDiskWriteRule**: Prevents local disk write operations (`file_put_contents`, `fopen` with write mode, `mkdir`, `unlink`, etc.). Use the temporary directory or Flysystem instead. 19. **ForwardSalesChannelContextToSystemConfigServiceRule**: Ensures that when a method has a SalesChannelContext parameter, it is forwarded to SystemConfigService methods as the salesChannelId argument. 20. **ForbidPredictableSaltRule**: Prevents hardcoded salts in `crypt()` and `password_hash()` calls, which are predictable and weaken security. 21. **ForbidWeakCryptoKeyRule**: Prevents weak cryptographic key sizes in `openssl_pkey_new()` calls. RSA keys must be at least 2048 bits. 22. **ForbidInsecureCookieRule**: Prevents setting cookies without the secure flag in `setcookie()` and `setrawcookie()` calls. Cookies should use `secure=true` for HTTPS-only transmission. 23. **ForbidInsecureSymfonyCookieRule**: Prevents creating Symfony `Cookie` objects without explicit `secure=true`. Detects `new Cookie(...)`, `Cookie::create(...)`, and `->withSecure(false)` calls. The `$secure` parameter must be explicitly set to `true` for HTTPS-only transmission. Configuration ------------- [](#configuration) You can customize the behavior of these rules by adding configuration to your `phpstan.neon` file. See the [configuration section](#configuration) for more details. Contributing ------------ [](#contributing) Contributions are welcome! Please see [CONTRIBUTING.md](CONTRIBUTING.md) for details. License ------- [](#license) The MIT License (MIT). Please see [License File](LICENSE.md) for more information. ### Health Score 51 — FairBetter than 96% of packages Maintenance81 Actively maintained with recent releases Popularity38 Limited adoption so far Community25 Small or concentrated contributor base Maturity51 Maturing project, gaining track record Bus Factor1 Top contributor holds 80.2% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~26 days Recently: every ~60 days Total 15 Last Release 106d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/7c45ef9077b73fce78afbfab2fa27e611a453dd77de003e2785ac84105d02bef?d=identicon)[shyim](/maintainers/shyim) --- Top Contributors [![shyim](https://avatars.githubusercontent.com/u/6224096?v=4)](https://github.com/shyim "shyim (65 commits)")[![SpiGAndromeda](https://avatars.githubusercontent.com/u/15141351?v=4)](https://github.com/SpiGAndromeda "SpiGAndromeda (5 commits)")[![lacknere](https://avatars.githubusercontent.com/u/26323889?v=4)](https://github.com/lacknere "lacknere (3 commits)")[![tinect](https://avatars.githubusercontent.com/u/135993?v=4)](https://github.com/tinect "tinect (3 commits)")[![mitelg](https://avatars.githubusercontent.com/u/6985627?v=4)](https://github.com/mitelg "mitelg (2 commits)")[![tschaefermedia](https://avatars.githubusercontent.com/u/18417659?v=4)](https://github.com/tschaefermedia "tschaefermedia (2 commits)")[![panakour](https://avatars.githubusercontent.com/u/12927166?v=4)](https://github.com/panakour "panakour (1 commits)") --- Tags hacktoberfest ### Code Quality TestsPHPUnit Code StylePHP CS Fixer ### Embed Badge ![Health badge](/badges/shopwarelabs-phpstan-shopware/health.svg) ``` [![Health](https://phpackages.com/badges/shopwarelabs-phpstan-shopware/health.svg)](https://phpackages.com/packages/shopwarelabs-phpstan-shopware) ``` ### Alternatives [vimeo/psalm A static analysis tool for finding errors in PHP applications 5.8k77.5M6.7k](/packages/vimeo-psalm)[larastan/larastan Larastan - Discover bugs in your code without running it. A phpstan/phpstan extension for Laravel 6.4k43.5M5.2k](/packages/larastan-larastan)[phpstan/phpstan-symfony Symfony Framework extensions and rules for PHPStan 78768.9M1.5k](/packages/phpstan-phpstan-symfony)[phpstan/phpstan-doctrine Doctrine extensions for PHPStan 66766.6M1.1k](/packages/phpstan-phpstan-doctrine)[phpat/phpat PHP Architecture Tester 1.2k3.5M32](/packages/phpat-phpat)[spaze/phpstan-disallowed-calls PHPStan rules to detect disallowed method & function calls, constant, namespace, attribute, property & superglobal usages, with powerful rules to re-allow a call or a usage in places where it should be allowed. 33320.0M375](/packages/spaze-phpstan-disallowed-calls) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)