PHPackages sirbrillig/phpcs-variable-analysis - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Testing & Quality](/categories/testing) 4. / 5. sirbrillig/phpcs-variable-analysis ActivePhpcodesniffer-standard[Testing & Quality](/categories/testing) sirbrillig/phpcs-variable-analysis ================================== A PHPCS sniff to detect problems with variables. v2.13.0(7mo ago)14548.5M—2.4%17[20 issues](https://github.com/sirbrillig/phpcs-variable-analysis/issues)[2 PRs](https://github.com/sirbrillig/phpcs-variable-analysis/pulls)20BSD-2-ClausePHPPHP >=5.4.0CI passing Since Nov 1Pushed 3w ago4 watchersCompare [ Source](https://github.com/sirbrillig/phpcs-variable-analysis)[ Packagist](https://packagist.org/packages/sirbrillig/phpcs-variable-analysis)[ RSS](/packages/sirbrillig-phpcs-variable-analysis/feed)WikiDiscussions trunk Synced 1mo ago READMEChangelog (10)Dependencies (5)Versions (84)Used By (20) PHP\_CodeSniffer VariableAnalysis ================================= [](#php_codesniffer-variableanalysis) [![CS and QA Build Status](https://github.com/sirbrillig/phpcs-variable-analysis/actions/workflows/csqa.yml/badge.svg)](https://github.com/sirbrillig/phpcs-variable-analysis/actions/workflows/csqa.yml)[![Test Build Status](https://github.com/sirbrillig/phpcs-variable-analysis/actions/workflows/test.yml/badge.svg)](https://github.com/sirbrillig/phpcs-variable-analysis/actions/workflows/test.yml)[![Coverage Status](https://camo.githubusercontent.com/2f8d7796be863ddd1d58aa514b68c03edd4d45d6001b5b3083e0edd84a1f8c26/68747470733a2f2f636f766572616c6c732e696f2f7265706f732f6769746875622f7369726272696c6c69672f70687063732d7661726961626c652d616e616c797369732f62616467652e737667)](https://coveralls.io/github/sirbrillig/phpcs-variable-analysis) Plugin for PHP\_CodeSniffer static analysis tool that adds analysis of problematic variable use. - Warns if variables are used without being defined. (Sniff code: `VariableAnalysis.CodeAnalysis.VariableAnalysis.UndefinedVariable`) - Warns if variables are used inside `unset()` without being defined. (Sniff code: `VariableAnalysis.CodeAnalysis.VariableAnalysis.UndefinedUnsetVariable`) - Warns if variables are set or declared but never used. (Sniff code: `VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable`) - Warns if `$this`, `self::$static_member`, `static::$static_member` is used outside class scope. (Sniff codes: `VariableAnalysis.CodeAnalysis.VariableAnalysis.SelfOutsideClass` or `VariableAnalysis.CodeAnalysis.VariableAnalysis.StaticOutsideClass`) Installation ------------ [](#installation) ### Requirements [](#requirements) VariableAnalysis requires PHP 5.4 or higher and [PHP CodeSniffer](https://github.com/PHPCSStandards/PHP_CodeSniffer) version 3.13.5 or higher. ### With PHPCS Composer Installer [](#with-phpcs-composer-installer) This is the easiest method. First, install [phpcodesniffer-composer-installer](https://github.com/PHPCSStandards/composer-installer) for your project if you have not already. This will also install PHPCS. ``` composer config allow-plugins.dealerdirect/phpcodesniffer-composer-installer true composer require --dev dealerdirect/phpcodesniffer-composer-installer ``` Then install these standards. ``` composer require --dev sirbrillig/phpcs-variable-analysis ``` You can then include the sniffs by adding a line like the following to [your phpcs.xml file](https://github.com/PHPCSStandards/PHP_CodeSniffer/wiki/Advanced-Usage#using-a-default-configuration-file). ``` ``` It should just work after that! ### Standalone [](#standalone) 1. Install PHP\_CodeSniffer (PHPCS) by following its [installation instructions](https://github.com/PHPCSStandards/PHP_CodeSniffer#installation) (via Composer, Phar file, PEAR, or Git checkout). Do ensure that PHP\_CodeSniffer's version matches our [requirements](#requirements). 2. Install VariableAnalysis. Download either the zip or tar.gz file from [the VariableAnalysis latest release page](https://github.com/sirbrillig/phpcs-variable-analysis/releases/latest). Expand the file and rename the resulting directory to `phpcs-variable-analysis`. Move the directory to a place where you'd like to keep all your PHPCS standards. 3. Add the paths of the newly installed standards to the [PHP\_CodeSniffer installed\_paths configuration](https://github.com/PHPCSStandards/PHP_CodeSniffer/wiki/Configuration-Options#setting-the-installed-standard-paths). The following command should append the new standards to your existing standards (be sure to supply the actual paths to the directories you created above). ``` phpcs --config-set installed_paths "$(phpcs --config-show|grep installed_paths|awk '{ print $2 }'),/path/to/phpcs-variable-analysis" ``` If you do not have any other standards installed, you can do this more easily (again, be sure to supply the actual paths): ``` phpcs --config-set installed_paths /path/to/phpcs-variable-analysis ``` Customization ------------- [](#customization) There's a variety of options to customize the behaviour of VariableAnalysis, take a look at the included ruleset.xml.example for commented examples of a configuration. The available options are as follows: - `allowUnusedFunctionParameters` (bool, default `false`): if set to true, function arguments will never be marked as unused. - `allowUnusedCaughtExceptions` (bool, default `true`): if set to true, caught Exception variables will never be marked as unused. - `allowUnusedParametersBeforeUsed` (bool, default `true`): if set to true, unused function arguments will be ignored if they are followed by used function arguments. - `allowUnusedVariablesBeforeRequire` (bool, default `false`): if set to true, variables defined before a `require`, `require_once`, `include`, or `include_once` will not be marked as unused. They may be intended for the required file. - `allowUndefinedVariablesInFileScope` (bool, default `false`): if set to true, undefined variables in the file's top-level scope will never be marked as undefined. This can be useful for template files which use many global variables defined elsewhere. - `allowUnusedVariablesInFileScope` (bool, default `false`): if set to true, unused variables in the file's top-level scope will never be marked as unused. This can be helpful when defining a lot of global variables to be used elsewhere. - `validUnusedVariableNames` (string, default `null`): a space-separated list of names of placeholder variables that you want to ignore from unused variable warnings. For example, to ignore the variables `$junk` and `$unused`, this could be set to `'junk unused'`. - `ignoreUnusedRegexp` (string, default `null`): a PHP regexp string (note that this requires explicit delimiters) for variables that you want to ignore from unused variable warnings. For example, to ignore the variables `$_junk` and `$_unused`, this could be set to `'/^_/'`. - `validUndefinedVariableNames` (string, default `null`): a space-separated list of names of placeholder variables that you want to ignore from undefined variable warnings. For example, to ignore the variables `$post` and `$undefined`, this could be set to `'post undefined'`. This can be used in combination with `validUndefinedVariableRegexp`. - `validUndefinedVariableRegexp` (string, default `null`): a PHP regexp string (note that this requires explicit delimiters) for variables that you want to ignore from undefined variable warnings. For example, to ignore the variables `$post` and `$undefined`, this could be set to `'/^(post|undefined)$/'`. This can be used in combination with `validUndefinedVariableNames`. - `allowUnusedForeachVariables` (bool, default `true`): if set to true, unused values from the `key => value` syntax in a `foreach` loop will never be marked as unused. - `sitePassByRefFunctions` (string, default `null`): a list of custom functions which pass in variables to be initialized by reference (eg `preg_match()`) and therefore should not require those variables to be defined ahead of time. The list is space separated and each entry is of the form `functionName:1,2`. The function name comes first followed by a colon and a comma-separated list of argument numbers (starting from 1) which should be considered variable definitions. The special value `...` in the arguments list will cause all arguments after the last number to be considered variable definitions. - `allowWordPressPassByRefFunctions` (bool, default `false`): if set to true, a list of common WordPress pass-by-reference functions will be added to the list of PHP ones so that passing undefined variables to these functions (to be initialized by reference) will be allowed. To set these these options, you must use XML in your ruleset. For details, see the [phpcs customizable sniff properties page](https://github.com/PHPCSStandards/PHP_CodeSniffer/wiki/Customisable-Sniff-Properties). Here is an example that ignores all variables that start with an underscore: ``` ``` See Also -------- [](#see-also) - [ImportDetection](https://github.com/sirbrillig/phpcs-import-detection): A set of phpcs sniffs to look for unused or unimported symbols. - [phpcs-changed](https://github.com/sirbrillig/phpcs-changed): Run phpcs on files, but only report warnings/errors from lines which were changed. Original -------- [](#original) This was forked from the excellent work in [https://github.com/illusori/PHP\_Codesniffer-VariableAnalysis](https://github.com/illusori/PHP_Codesniffer-VariableAnalysis) Contributing ------------ [](#contributing) Please open issues or PRs on this repository. Any changes should be accompanied by tests and should pass linting and static analysis. Please use phpdoc (rather than actual types) for declaring types since this must run in PHP 5.4. To run tests, make sure composer is installed, then run: ``` composer install # you only need to do this once composer test ``` To run linting, use: ``` composer lint ``` To run static analysis, use: ``` composer static-analysis ``` ### Health Score 68 — FairBetter than 100% of packages Maintenance78 Regular maintenance activity Popularity66 Solid adoption and visibility Community40 Growing community involvement Maturity74 Established project with proven stability Bus Factor1 Top contributor holds 53.8% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~41 days Recently: every ~109 days Total 75 Last Release 59d ago Major Versions v2.8.1 → v3.0.0-beta.12020-05-12 v2.8.2-beta.1 → v3.0.0-beta.22020-07-10 v2.8.3 → v3.0.0-beta.42020-08-18 v2.10.0 → v3.0.0-beta.82020-11-23 v2.13.0 → 3.x-dev2026-03-09 PHP version history (2 changes)v2.0.1PHP >=5.4.0 v2.6.3PHP >=5.6.0 ### Community Maintainers ![](https://www.gravatar.com/avatar/c17eab4ecec5bcaae35d25bc7bb56358b3d8c2e6e9a3f7e99d480e31260a52a7?d=identicon)[sirbrillig](/maintainers/sirbrillig) --- Top Contributors [![sirbrillig](https://avatars.githubusercontent.com/u/2036909?v=4)](https://github.com/sirbrillig "sirbrillig (192 commits)")[![jrfnl](https://avatars.githubusercontent.com/u/663378?v=4)](https://github.com/jrfnl "jrfnl (79 commits)")[![illusori](https://avatars.githubusercontent.com/u/360670?v=4)](https://github.com/illusori "illusori (63 commits)")[![GaryJones](https://avatars.githubusercontent.com/u/88371?v=4)](https://github.com/GaryJones "GaryJones (6 commits)")[![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4)](https://github.com/dependabot[bot] "dependabot[bot] (3 commits)")[![loilo](https://avatars.githubusercontent.com/u/1922624?v=4)](https://github.com/loilo "loilo (2 commits)")[![arnested](https://avatars.githubusercontent.com/u/190005?v=4)](https://github.com/arnested "arnested (2 commits)")[![arkener](https://avatars.githubusercontent.com/u/16407031?v=4)](https://github.com/arkener "arkener (2 commits)")[![szepeviktor](https://avatars.githubusercontent.com/u/952007?v=4)](https://github.com/szepeviktor "szepeviktor (1 commits)")[![biinari](https://avatars.githubusercontent.com/u/148009?v=4)](https://github.com/biinari "biinari (1 commits)")[![brandonkal](https://avatars.githubusercontent.com/u/4714862?v=4)](https://github.com/brandonkal "brandonkal (1 commits)")[![khromalabs](https://avatars.githubusercontent.com/u/204213?v=4)](https://github.com/khromalabs "khromalabs (1 commits)")[![kraftbj](https://avatars.githubusercontent.com/u/88897?v=4)](https://github.com/kraftbj "kraftbj (1 commits)")[![Levivb](https://avatars.githubusercontent.com/u/2494320?v=4)](https://github.com/Levivb "Levivb (1 commits)")[![ostrolucky](https://avatars.githubusercontent.com/u/496233?v=4)](https://github.com/ostrolucky "ostrolucky (1 commits)")[![alexpott](https://avatars.githubusercontent.com/u/769634?v=4)](https://github.com/alexpott "alexpott (1 commits)") --- Tags lintingphpphp-codesnifferphpcsstatic-analysisundefined-variablesunused-variablesphpcsstatic analysis ### Code Quality TestsPHPUnit Static AnalysisPHPStan, Psalm Type Coverage Yes ### Embed Badge ![Health badge](/badges/sirbrillig-phpcs-variable-analysis/health.svg) ``` [![Health](https://phpackages.com/badges/sirbrillig-phpcs-variable-analysis/health.svg)](https://phpackages.com/packages/sirbrillig-phpcs-variable-analysis) ``` ### Alternatives [wp-coding-standards/wpcs PHP\_CodeSniffer rules (sniffs) to enforce WordPress coding conventions 2.8k42.5M1.6k](/packages/wp-coding-standards-wpcs)[slevomat/coding-standard Slevomat Coding Standard for PHP\_CodeSniffer complements Consistence Coding Standard by providing sniffs with additional checks. 1.5k123.5M1.8k](/packages/slevomat-coding-standard)[escapestudios/symfony2-coding-standard CodeSniffer ruleset for the Symfony 2+ coding standard 40611.1M275](/packages/escapestudios-symfony2-coding-standard)[phpcompatibility/phpcompatibility-wp A ruleset for PHP\_CodeSniffer to check for PHP cross-version compatibility issues in projects, while accounting for polyfills provided by WordPress. 22130.6M587](/packages/phpcompatibility-phpcompatibility-wp)[dealerdirect/phpcodesniffer-composer-installer PHP\_CodeSniffer Standards Composer Installer Plugin 598161.9M1.9k](/packages/dealerdirect-phpcodesniffer-composer-installer)[phpcsstandards/phpcsextra A collection of sniffs and standards for use with PHP\_CodeSniffer. 10324.3M44](/packages/phpcsstandards-phpcsextra) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)