PHPackages                             thecodingmachine/phpstan-strict-rules - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Testing &amp; Quality](/categories/testing)
4. /
5. thecodingmachine/phpstan-strict-rules

ActivePhpstan-extension[Testing &amp; Quality](/categories/testing)

thecodingmachine/phpstan-strict-rules
=====================================

A set of additional rules for PHPStan based on best practices followed at TheCodingMachine

v2.0.0(5d ago)2907.3M↓51.9%27[7 issues](https://github.com/thecodingmachine/phpstan-strict-rules/issues)20MITPHPCI passing

Since Jun 27Pushed 5d ago17 watchersCompare

[ Source](https://github.com/thecodingmachine/phpstan-strict-rules)[ Packagist](https://packagist.org/packages/thecodingmachine/phpstan-strict-rules)[ RSS](/packages/thecodingmachine-phpstan-strict-rules/feed)WikiDiscussions master Synced yesterday

READMEChangelog (10)Dependencies (5)Versions (32)Used By (20)

[![Latest Stable Version](https://camo.githubusercontent.com/cf387624dab46951d3014864e1ebb591166fa8ae93b3d8af7d1acb4e023ad2b0/68747470733a2f2f706f7365722e707567782e6f72672f746865636f64696e676d616368696e652f7068707374616e2d7374726963742d72756c65732f762f737461626c65)](https://packagist.org/packages/thecodingmachine/phpstan-strict-rules)[![Total Downloads](https://camo.githubusercontent.com/0ded69672aa04a2be635c044364cc1d72eb2e5d313abcf996cb97dd3a5f01485/68747470733a2f2f706f7365722e707567782e6f72672f746865636f64696e676d616368696e652f7068707374616e2d7374726963742d72756c65732f646f776e6c6f616473)](https://packagist.org/packages/thecodingmachine/phpstan-strict-rules)[![Latest Unstable Version](https://camo.githubusercontent.com/cd3ca5a4b18af5d58ecb9a6b059e1982fea8e4b3d291ebb21f41ecde2d50de7f/68747470733a2f2f706f7365722e707567782e6f72672f746865636f64696e676d616368696e652f7068707374616e2d7374726963742d72756c65732f762f756e737461626c65)](https://packagist.org/packages/thecodingmachine/phpstan-strict-rules)[![License](https://camo.githubusercontent.com/355f144eab5720e9d306cab02a58d73d85f54670941b7e33d6f9e1118ea10a3f/68747470733a2f2f706f7365722e707567782e6f72672f746865636f64696e676d616368696e652f7068707374616e2d7374726963742d72756c65732f6c6963656e7365)](https://packagist.org/packages/thecodingmachine/phpstan-strict-rules)[![Scrutinizer Code Quality](https://camo.githubusercontent.com/7eb8db7c216b99a7b487d18f6e7666598dba452fab954072c8cbf450c4f24daa/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f746865636f64696e676d616368696e652f7068707374616e2d7374726963742d72756c65732f6261646765732f7175616c6974792d73636f72652e706e673f623d6d6173746572)](https://scrutinizer-ci.com/g/thecodingmachine/phpstan-strict-rules/?branch=master)[![Build Status](https://camo.githubusercontent.com/16d307b8f4cf1f31e4ce9f136b076a6eacf26bc7052c31a2b7d684fc46f40c37/68747470733a2f2f7472617669732d63692e6f72672f746865636f64696e676d616368696e652f7068707374616e2d7374726963742d72756c65732e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/thecodingmachine/phpstan-strict-rules)[![Coverage Status](https://camo.githubusercontent.com/0ce358cf5444b8d06701d721e869acc44e90fdeca3b7951fc0e7fc22276d3843/68747470733a2f2f636f766572616c6c732e696f2f7265706f732f746865636f64696e676d616368696e652f7068707374616e2d7374726963742d72756c65732f62616467652e7376673f6272616e63683d6d617374657226736572766963653d676974687562)](https://coveralls.io/github/thecodingmachine/phpstan-strict-rules?branch=master)

TheCodingMachine's additional rules for PHPStan
===============================================

[](#thecodingmachines-additional-rules-for-phpstan)

This package contains a set of rules to be added to the [wonderful PHPStan static analyzer](https://phpstan.org/).

Those rules come from [TheCodingMachine best practices](http://bestpractices.thecodingmachine.com/). They are more "strict" than the default PHPStan rules and some may be controversial. We use those at TheCodingMachine, have found them to help us in our daily work, and ask anyone working with us to follow them.

Rules list
----------

[](#rules-list)

### Exception related rules

[](#exception-related-rules)

- You should not throw the "Exception" base class directly [but throw a sub-class instead](http://bestpractices.thecodingmachine.com/php/error_handling.html#subtyping-exceptions).
- You should not have empty catch statements
- When throwing an exception inside a catch block, [you should pass the catched exception as the "previous" exception](http://bestpractices.thecodingmachine.com/php/error_handling.html#wrapping-an-exception-do-not-lose-the-previous-exception)
- If you catch a `Throwable`, an `Exception` or a `RuntimeException`, you must rethrow the exception.

### Superglobal related rules

[](#superglobal-related-rules)

- The use of [`$_GET`, `$_POST`, `$_FILES`, `$_COOKIE`, `$_SESSION`, `$_REQUEST` is forbidden](http://bestpractices.thecodingmachine.com/php/organize_your_code.html#stop-using-superglobals-). You should instead use your framework's request/session object.
- Superglobal usage is still tolerated at the root scope (because it is typically used once in `index.php` to initialize PSR-7 request object)

### Condition related rules

[](#condition-related-rules)

- Switch statements should always check for unexpected values by [implementing a default case (and throwing an exception)](http://bestpractices.thecodingmachine.com/php/defensive_programming.html#always-check-for-unexpected-values)

### Work-in-progress

[](#work-in-progress)

```
// Never use public properties
// Never use globals

```

Installation
------------

[](#installation)

We assume that [PHPStan](https://phpstan.org/) is already installed in your project.

To use this extension, require it in [Composer](https://getcomposer.org/):

```
composer require --dev thecodingmachine/phpstan-strict-rules
```

If you also install [phpstan/extension-installer](https://github.com/phpstan/extension-installer) then you're all set!

 Manual installationIf you don't want to use `phpstan/extension-installer`, include phpstan-strict-rules.neon in your project's PHPStan config:

```
includes:
    - vendor/thecodingmachine/phpstan-strict-rules/phpstan-strict-rules.neon
```

###  Health Score

72

—

ExcellentBetter than 100% of packages

Maintenance99

Actively maintained with recent releases

Popularity62

Solid adoption and visibility

Community46

Growing community involvement

Maturity74

Established project with proven stability

 Bus Factor1

Top contributor holds 88.1% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~109 days

Recently: every ~599 days

Total

31

Last Release

5d ago

Major Versions

v0.12.2 → v1.0.02021-11-08

v1.0.0 → v2.0.02026-06-27

PHP version history (3 changes)0.7.0PHP &gt;=7.1

v0.10.0PHP ^7.1

v0.12.1PHP ^7.1|^8.0

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/1104771?v=4)[mouf](/maintainers/mouf)[@Mouf](https://github.com/Mouf)

![](https://avatars.githubusercontent.com/u/1847918?v=4)[TheCodingMachine](/maintainers/thecodingmachine)[@thecodingmachine](https://github.com/thecodingmachine)

---

Top Contributors

[![moufmouf](https://avatars.githubusercontent.com/u/1290952?v=4)](https://github.com/moufmouf "moufmouf (89 commits)")[![adaamz](https://avatars.githubusercontent.com/u/4347332?v=4)](https://github.com/adaamz "adaamz (2 commits)")[![alexander-schranz](https://avatars.githubusercontent.com/u/1698337?v=4)](https://github.com/alexander-schranz "alexander-schranz (1 commits)")[![dongm2ez](https://avatars.githubusercontent.com/u/9032795?v=4)](https://github.com/dongm2ez "dongm2ez (1 commits)")[![homersimpsons](https://avatars.githubusercontent.com/u/16977446?v=4)](https://github.com/homersimpsons "homersimpsons (1 commits)")[![marcinharasim](https://avatars.githubusercontent.com/u/16610387?v=4)](https://github.com/marcinharasim "marcinharasim (1 commits)")[![adrienbrault](https://avatars.githubusercontent.com/u/611271?v=4)](https://github.com/adrienbrault "adrienbrault (1 commits)")[![mugagambi](https://avatars.githubusercontent.com/u/33054634?v=4)](https://github.com/mugagambi "mugagambi (1 commits)")[![nunomaduro](https://avatars.githubusercontent.com/u/5457236?v=4)](https://github.com/nunomaduro "nunomaduro (1 commits)")[![ondrejmirtes](https://avatars.githubusercontent.com/u/104888?v=4)](https://github.com/ondrejmirtes "ondrejmirtes (1 commits)")[![Slamdunk](https://avatars.githubusercontent.com/u/152236?v=4)](https://github.com/Slamdunk "Slamdunk (1 commits)")[![TomasVotruba](https://avatars.githubusercontent.com/u/924196?v=4)](https://github.com/TomasVotruba "TomasVotruba (1 commits)")

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/thecodingmachine-phpstan-strict-rules/health.svg)

```
[![Health](https://phpackages.com/badges/thecodingmachine-phpstan-strict-rules/health.svg)](https://phpackages.com/packages/thecodingmachine-phpstan-strict-rules)
```

###  Alternatives

[larastan/larastan

Larastan - Discover bugs in your code without running it. A phpstan/phpstan extension for Laravel

6.5k55.4M8.4k](/packages/larastan-larastan)[phpstan/phpstan-symfony

Symfony Framework extensions and rules for PHPStan

79475.7M2.2k](/packages/phpstan-phpstan-symfony)[phpstan/phpstan-doctrine

Doctrine extensions for PHPStan

67272.8M1.4k](/packages/phpstan-phpstan-doctrine)[shipmonk/dead-code-detector

Dead code detector to find unused PHP code via PHPStan extension. Can automatically remove dead PHP code. Supports libraries like Symfony, Doctrine, PHPUnit etc. Detects dead cycles. Can detect dead code that is tested.

4853.5M91](/packages/shipmonk-dead-code-detector)[spaze/phpstan-disallowed-calls

PHPStan rules to detect disallowed method &amp; function calls, constant, namespace, attribute, property &amp; superglobal usages, with powerful rules to re-allow a call or a usage in places where it should be allowed.

33422.6M548](/packages/spaze-phpstan-disallowed-calls)[mglaman/phpstan-drupal

Drupal extension and rules for PHPStan

20731.4M188](/packages/mglaman-phpstan-drupal)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
