Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.coderabbit.ai/llms.txt

Use this file to discover all available pages before exploring further.

PHPStan is a static analysis tool for PHP.

​
Files

PHPStan will run on files with the following extensions:
  • .php

​
Configuration

PHPStan supports the following config files:
  • phpstan.neon
  • phpstan.neon.dist
  • phpstan.dist.neon
If no PHPStan config file is found, CodeRabbit writes a temporary config based on the selected review profile.

​
What CodeRabbit runs

PHPStan runs in a sandbox with the project config if present. If a project config is present, we parse and validate the config before execution.

​
Security policy and restrictions

  • We reject phpstan.neon/phpstan.neon.dist that declare bootstrapFile or bootstrapFiles to prevent executing arbitrary project bootstrap code.
  • Blocked configuration keys include:
    • bootstrapFiles
    • bootstrapFile

​
When we skip PHPStan

CodeRabbit will skip running PHPStan when:
  • The config file does not contain a paths: parameter.
  • The config contains bootstrapFile or bootstrapFiles.
  • PHPStan is already running in GitHub workflows.
  • Config parsing fails or appears unsafe.