request for optional strict rule requiring packages using phpstan/phpstan to also use phpstan/phpstan-strict-rules #3
Comments
|
This is a really weird request 😊 My opinion is that When you're using a package, you should only care about its public interface and not about the internal implementation, let alone how it's developed. Can you elaborate on why you want this? |
|
for making sure I don't forget to run phpstan/phpstan-strict-rules on all of the things :P |
|
or to phrase it another way; I might remember to |
|
That's a really weird solution to a problem 😊 What about having some composer.json template for all new projects or something like that? How do you make sure that you don't forget to add something else? You might want to write your own Composer plugin for that, similar to https://github.com/Ocramius/PackageVersions. |
|
this is more for older packages that're still in use (i.e. really->far->down->the->dependency->chain) - I was doing a static analysis sprint at work today in between other tasks, stumbled across packages that were using a php-cs-fixer 1.x config class & possibly pre-0.8 phpstan:dev-master in require-dev. |
|
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
Not sure if rules that analyse composer.lock are within the scope of this project, but I'd find it useful (from a housekeeping stand point) to be able to configure phpstan to check that any package that has phpstan/phpstan listed in it's dependencies, then report those that don't also require phpstan/phpstan-strict-rules
i.e.
require-devThe text was updated successfully, but these errors were encountered: