Daniil Gentili's blog

Tag: announcement

  • Psalm v7: up to 10x performance!

    Announcing the public beta of Psalm v7!

    Psalm is one of the biggest and most powerful PHP Static analysis tools, featuring exclusive features like security analysis, and Psalm v7 brings huge performance improvements to security analysis, up to 10x thanks to a full refactoring of both the internal representation of taints, and optimization of the graph resolution logic.

    A major new feature was also added: combined analysis!

    Combined analysis, enabled by default in Psalm v7, allows running normal analysis, security analysis and dead code analysis all at the same time, within a single run, greatly reducing overall runtimes!

    Future beta releases will also enable taint analysis by default, given that now it can be run alongside normal analysis.

    Psalm v7 also brings performance improvements to dead code analysis, and fixes for list types.

    Even more performance improvements and new features will be released soon!

    Discuss on HackerNews!
    Discuss on Telegram!

  • Official Psalm docker image

    Psalm is one of the biggest and most powerful PHP Static analysis tools, featuring exclusive features like security analysis, and in Psalm 6.9, an official, hyperoptimized Docker image was introduced.

    Psalm’s docker image uses a custom build of PHP built from scratch with a custom deepbind patch and the jemalloc allocator, running Psalm +30% faster on average than normal PHP (+50% faster if comparing to PHP without opcache installed).

    My deepbind patch was also merged into PHP and will be available to all users (even those not using the Docker image) in PHP 8.5!

    To use it right now, on PHP 8.4, simply run:

    docker run -v $PWD:/app --rm -it ghcr.io/danog/psalm:latest /composer/vendor/bin/psalm --no-cache

    Issues due to missing extensions can be fixed by enabling them in psalm.xml and/or requiring them in composer.json, see here for more info.

    Extensions not stubbed by Psalm itself (and thus not available as a psalm config option) may be stubbed using traditional PHP stubs.

    This post is part of a series of posts about Psalm v6’s new features, click here to see all the other posts in the series, and subscribe to the newsletter to always stay up to date on the latest Psalm news and developments!

    Comment on Telegram
    Comment on HackerNews

  • Psalm v6 announcement

    Psalm is one of the biggest and most powerful PHP Static analysis tools, featuring exclusive features like security analysis, and Psalm v6 brings support for PHP 8.4, AMPHP v3, PHP-Parser v5 and much more!

    I am happy to announce that I, Daniil Gentili, am now the main maintainer of Psalm, and thanks to the newly launched Psalm support contracts, I now have the opportunity to work heavily on Psalm, specifically focusing on major performance improvements and improved security analysis.

    This post is the first of a series of technical deep dives into Psalm v6’s performance improvements, which will be released over the next weeks, starting with:

    Psalm v6 Deep Dive: Copy-on-Write + dynamic task dispatching

    To avoid missing the next posts, subscribe to my newsletter to always stay up to date on the latest Psalm news and developments!

    Subscribe to my newsletter to always stay up to date on my projects, and join my community to chat with me!

    Alternatively, you can also join my Telegram channel!

    An RSS feed is also available.

    Among other news, you can now join the new official Psalm news channel and the Psalm community!

    The news channel will be used to share inside exclusive news about upcoming Psalm features (including property hook support, coming within the next few releases!), and the community group can be used to discuss and share the way you use Psalm!

    Discuss on HackerNews
    Discuss on Telegram

    Do you like Psalm, does your company use it internally to improve security and reliability?

    Consider setting up a support contract: support contracts can cover full integration of Psalm into existing codebases, support for Psalm issues and development of additional Psalm features.

×