Integrate PHPStan with Vulnetix. Analyze PHP code for bugs and type errors with SARIF output via the sarif formatter.
PHP | CLI tool | SARIF
Install & scan
$ composer require --dev phpstan/phpstan
$ composer require --dev jbelien/phpstan-sarif-formatter
$ ./vendor/bin/phpstan analyse --error-format=sarif src/ > phpstan.sarif
Run PHPStan in CI
Scan on every push and upload the results to Vulnetix:
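- name: Install PHPStan
  run: |
    composer require --dev phpstan/phpstan
    composer require --dev jbelien/phpstan-sarif-formatter
- name: Run PHPStan
  run: ./vendor/bin/phpstan analyse --error-format=sarif src/ > phpstan.sarif
- name: Upload to Vulnetix
  # PHPStan exits non-zero when it reports errors, which would skip this step;
  # always() keeps the upload running so the findings still reach Vulnetix.
  if: always()
  run: vulnetix upload --file phpstan.sarif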
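Because the scan redirects stdout straight into phpstan.sarif, an empty or non-JSON file can end up being uploaded. The following pre-upload check is an added example, not part of the Vulnetix or PHPStan tooling; the function name `check_sarif`, the sample log and the expectation of SARIF version 2.1.0 are assumptions.

```python
import json
import sys

# Constructed sample: a minimal SARIF 2.1.0 log with one finding (not real PHPStan output).
SAMPLE_SARIF = json.dumps({
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "PHPStan"}},
        "results": [{
            "level": "error",
            "message": {"text": "Call to an undefined method Foo::bar()."},
            "locations": [{"physicalLocation": {
                "artifactLocation": {"uri": "src/Foo.php"},
                "region": {"startLine": 12}}}],
        }],
    }],
})

def check_sarif(text):
    """Return (ok, reason, findings); findings are (uri, line, level, message) tuples."""
    if not text.strip():
        return False, "empty file: nothing was written to stdout", []
    try:
        doc = json.loads(text)
    except json.JSONDecodeError as exc:
        # For example, other text mixed into the redirected stdout.
        return False, f"not valid JSON (line {exc.lineno})", []
    if not isinstance(doc, dict) or doc.get("version") != "2.1.0":
        return False, "missing or unexpected SARIF version", []
    runs = doc.get("runs")
    if not isinstance(runs, list) or not runs:
        return False, "no runs in SARIF log", []
    findings = []
    for run in runs:
        for res in run.get("results") or []:
            phys = (res.get("locations") or [{}])[0].get("physicalLocation", {})
            findings.append((
                phys.get("artifactLocation", {}).get("uri", "?"),
                phys.get("region", {}).get("startLine", 0),
                res.get("level", "warning"),  # SARIF's default level is "warning"
                res.get("message", {}).get("text", ""),
            ))
    return True, "ok", findings

if __name__ == "__main__":
    # Pass the path to phpstan.sarif; without an argument the constructed sample is used.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_SARIF
    ok, reason, findings = check_sarif(text)
    print(reason, "-", len(findings), "finding(s)")
    sys.exit(0 if ok else 2)
```

Run it between the scan and upload steps; exit status 2 means the file should not be uploaded as it stands.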
Centralise PHPStan results in Vulnetix
Upload PHPStan SARIF output to the Vulnetix platform to deduplicate findings, prioritise them with EPSS, CISA KEV and Coalition ESS exploit intelligence, and track remediation across every scanner in a single queue.