tiggr / scanner

Extraction of TYPO3 CMS Extension-Scanner package as separate composer library

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

TYPO3 scanner

Scans code for usage of deprecated and or changed code.

This is a library component that can be used to build tools that scan PHP files for broken or deprecated code.

Tools using this library:

TYPO3 publishes breaking changes and deprecations since version 7.

This library uses the PHP parser written by Nikita Popov. The parser transforms the PHP code from a file into an Abstract Syntax Tree (AST). This can then be easily analysed using 'Matchers' and accompanying 'Rules'.


Every node visited by the node traverser, will be checked using all Matchers specified in the \TYPO3\CMS\Scanner\Domain\Model\MatcherBundle.

Currently we have the followign matchers:


Matches arrays like $GLOBALS['foo']['bar']


Match access to a one dimensional $GLOBAL array Example $GLOBALS['TYPO3_DB']


Find usages of dropped TCA configuration values and other nested array structures. You can specify the matchOnValues parameter to pass in an array of values to match.


Find usages of class constants. Test for Class\Name::THE_CONSTANT, matches are considered "strong"


Find usages of class / interface names which are entirely deprecated or removed


Find usages of class / interface names which are entirely deprecated or removed by specifying regex patterns


Find usages of class constants. Test for THE_CONSTANT, matches are considered "strong"


Find usages of global function calls which were removed / deprecated. This is a strong match.


Match access to a one dimensional '$GLOBAL' array Example $TT


Matches interface method arguments which have been dropped. This does not test if a class implements an interface. The scanner only looks for:

  • Class method names not having specified number of arguments
  • Method calls with given method name not having this number of arguments


Find usages of method annotations


Find usages of method calls which changed signature and dropped arguments, but are called with more arguments. This is a "weak" match since we're just testing for method name but not connected class.


Find usages of static method calls which were removed / deprecated. This is a "strong" match if class name is given and "weak" if not.


Find usages of method calls which changed signature and added required arguments. This is a "weak" match since we're just testing for method name but not connected class.


Find usages of static method calls which gained new mandatory arguments. This is a "strong" match if class name is given and "weak" if not.


Match method usages where arguments "in between" are unused but not given as "null": public function foo($arg1, $unsused1 = null, $unused2 = null, $arg4) but called with: ->foo('arg1', 'notNull', null, 'arg4');


Match static method usages where arguments "in between" are unused but not given as "null": public function foo($arg1, $unsused1 = null, $unused2 = null, $arg4) but called with: ->foo('arg1', 'notNull', null, 'arg4'); This is a "strong" match if class name is given and "weak" if not.


Find usages of method calls which were removed / deprecated. This is a "weak" match since we're just testing for method name but not connected class.


Find usages of static method calls which were removed / deprecated.

This match is performed either is case of a direct foo\bar::aMethod() call as "strong" match, or as only ::aMethod() as "weak" match.

As additional indicator, the number of required, mandatory arguments is recognized: If calling a static method as $foo::aMethod($arg1), but the method needs two arguments, this is not considered a match. This would have raised a fatal PHP error anyway and this is nothing we test here.


Find usages of property annotations


Find usages of properties which have been deprecated or removed. Useful if abstract classes remove properties.


Find usages of properties which have been made protected and are not called in $this context.


Find usages of properties which were removed / deprecated.


There are rulesets for each matcher in: config/Matcher. Currently there are rules for v7, v8 and v9 of TYPO3.


When you write a new matcher or extend an existing one, please also write the needed tests.

You can run the tests with: ./.Build/bin/phpunit tests


Extraction of TYPO3 CMS Extension-Scanner package as separate composer library


Language:PHP 100.0%