March 18th 2021
Static analysis tools (e.g. PHP CodeSniffer, ESLint, Psalm) are an essential part of modern software development; they find bugs and help improve code quality. If you've introduced static analysis to legacy code the tools have probably reported hundreds or thousands of problems. You're left with the choice of fixing all the issues or deciding against using the static analysis tools.
Static Analysis Results Baseliner (SARB) is used to create a baseline of these results. As work on the project progresses SARB takes the latest static analysis results, removes those issues in the baseline and report the issues raised since the baseline.
SARB is written in PHP, but can be used with any static analysis tool.
Install with composer:
composer require --dev dave-liddament/sarb
Assuming we're using PHP CodeSniffer. First create a baseline of the current issues:
phpcs --report-json src | vendor/bin/sarb create --input-format=phpcodesniffer-json phpcs.sarb
This will create a file
phpcs.sarb that you'll want to check in to your repo.
Then code away. Before you're ready to commit your code run SARB again to make sure you've not added any issues since the baseline.
This command will show any new issues you've raised.
phpcs --report-json src | vendor/bin/sarb remove phpcs.sarb
SARB supports the following tools out of the box:
If your tool is not supported there are three ways to add support.
SARB 0.1 was first released in January 2019. The primary use case was for use with Psalm and PHPStan. Both tools now have their own baseline functionality. SARB's functionality is slightly different; it can track baseline issues even if the file they are in is renamed or moved.
Version 1 has simplified the usage of the tool, added support for Github actions and had a tidy up of the codebase.
To migrate from version 0 to 1 use the upgrade script.
Drop me a DM on twitter.