Integrate an open source Static Analysis tool as part of CIVICRM continuous integration toolchain

Tags Devops, Developer hapiness, Quality assurance

Hello @JoeMurray and potential mentors

I am interested in the above project because from research it will lead to less developer frustration by reducing time spent on manual PR code reviews, as well as help maintain a healthy and consistent code base among others.

Apart form PHPSTAN, Psalm from Vimeo and Phan can also help us run static analysis on the codebase. These three open source tools were the most reoccurring in my research.

Personally I prefer psalm as I found it's error messages more descriptive. I have been finding it difficult to set up phan as is requires some not so clear configurations.

I have some questions though

• What would be the major determinant for selecting a tool? I am guessing a static analysis tool for CIVICRM is just required to detect code errors early enough but most of them can do more than this

• I have been wondering if integrating any of these open source tools will take up to 3 months as per GSOC required time frame since configuring Composer packages on Jenkins servers doesn't take much time

• Also on which repositories will this static analysis tools be integrated?

• Lastly this integration does not seem to require much coding, I might be wrong but Jenkins plugins do most of the trick. I would love a bit of enlightenment on this as I think GSOC favours code centric projects

I am looking forward to your reply thanks