Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
Simplified plugin for Psalm that does (part of) what I wanted in this Tweet:
namespace StaticAnalysisPlugin;
use PhpParser\Node\Expr;
use PhpParser\Node\Expr\MethodCall;
use PhpParser\Node\Expr\StaticCall;
use Psalm\Codebase;
use Psalm\CodeLocation;
use Psalm\Context;
use Psalm\FileManipulation;
use Psalm\IssueBuffer;
use Psalm\Plugin\Hook\AfterMethodCallAnalysisInterface;
use Psalm\StatementsSource;
use Psalm\Type\Union;
class DisallowBlacklistedClassUsage implements AfterMethodCallAnalysisInterface
private static function noop() : void
public static function afterMethodCallAnalysis(
Expr $expr,
string $method_id,
string $appearing_method_id,
string $declaring_method_id,
Context $context,
StatementsSource $statements_source,
Codebase $codebase,
array &$file_replacements = [],
Union &$return_type_candidate = null) : void
if ($expr instanceof StaticCall) {
$className = $expr->class->getAttribute('resolvedName');
if (is_a($className, \Something\Blacklisted::class, true)) {
if (IssueBuffer::accepts(
new IllegalBlacklistedClassUsage(
'Illegal blacklisted class usage: ' . $className,
new CodeLocation($statements_source, $expr->name)
)) {
class IllegalBlacklistedClassUsage extends \Psalm\Issue\PluginIssue {

This comment has been minimized.

Copy link
Owner Author

@asgrim asgrim commented May 1, 2020

Simplified plugin for Psalm that does (part of) what I wanted in this Tweet:

A fuller implementation would check all this:


// class "A" is "blacklisted"

class A {
    public static string $staticProp = '';
    public string $prop = '';
    public static function foo() : void {}
    public function bar() : void {}
class B extends A {}
class C extends A {}

// All the following should be considered violations:
$b = new B();
new C();
echo A::$staticProp;
echo $b->prop;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment