Skip to content


GitHub stars sarif GitHub release (latest SemVer) GitHub last commit GitHub commit activity GitHub contributors

psalm documentation

psalm - GitHub

Configuration in MegaLinter

Variable Description Default value
PHP_PSALM_ARGUMENTS User custom arguments to add in linter CLI call
Ex: -s --foo "bar"
PHP_PSALM_COMMAND_REMOVE_ARGUMENTS User custom arguments to remove from command line before calling the linter
Ex: -s --foo "bar"
PHP_PSALM_FILTER_REGEX_INCLUDE Custom regex including filter
Ex: (src\|lib)
Include every file
PHP_PSALM_FILTER_REGEX_EXCLUDE Custom regex excluding filter
Ex: (test\|examples)
Exclude no file
PHP_PSALM_CLI_LINT_MODE Override default CLI lint mode
- file: Calls the linter for each file
- list_of_files: Call the linter with the list of files as argument
- project: Call the linter from the root of the project
PHP_PSALM_FILE_EXTENSIONS Allowed file extensions. "*" matches any extension, "" matches empty extension. Empty list excludes all files
Ex: [".py", ""]
PHP_PSALM_FILE_NAMES_REGEX File name regex filters. Regular expression list for filtering files by their base names using regex full match. Empty list includes all files
Ex: ["Dockerfile(-.+)?", "Jenkinsfile"]
Include every file
PHP_PSALM_PRE_COMMANDS List of bash commands to run before the linter None
PHP_PSALM_POST_COMMANDS List of bash commands to run after the linter None
PHP_PSALM_UNSECURED_ENV_VARIABLES List of env variables explicitly not filtered before calling PHP_PSALM and its pre/post commands None
PHP_PSALM_CONFIG_FILE psalm configuration file nameUse LINTER_DEFAULT to let the linter find it psalm.xml
PHP_PSALM_RULES_PATH Path where to find linter configuration file Workspace folder, then MegaLinter default rules
PHP_PSALM_DISABLE_ERRORS Run linter but consider errors as warnings false
PHP_PSALM_DISABLE_ERRORS_IF_LESS_THAN Maximum number of errors allowed 0
PHP_PSALM_CLI_EXECUTABLE Override CLI executable ['psalm']

IDE Integration

Use psalm in your favorite IDE to catch errors before MegaLinter !

IDE Extension Name Install
IDEA PHPStan / Psalm / Generics
Visual Studio Code Psalm VSCode Plugin Install in VSCode

MegaLinter Flavours

This linter is available in the following flavours

Flavor Description Embedded linters Info
all Default MegaLinter Flavor 121 Docker Image Size (tag) Docker Pulls
cupcake MegaLinter for the most commonly used languages 84 Docker Image Size (tag) Docker Pulls
php Optimized for PHP based projects 54 Docker Image Size (tag) Docker Pulls

Behind the scenes

How are identified applicable files

  • File extensions: .php

How the linting is performed

  • psalm is called once with the list of files as arguments (list_of_files CLI lint mode)

Example calls

psalm myfile.php
psalm myfile.php mydir/
psalm --config=psalm.xml myfile.php
psalm --config=psalm.xml myfile.php mydir/

Help content

    psalm [options] [file...]

Basic configuration:
    -c, --config=psalm.xml
        Path to a psalm.xml configuration file. Run psalm --init to create one.

        Use PHP-provided ini defaults for memory and error display

        Use a specific memory limit. Cannot be combined with --use-ini-defaults

        Used to disable certain extensions while Psalm is running.

        If greater than one, Psalm will run analysis on multiple threads, speeding things up.

        Turns off Psalm’s diff mode, checks all files regardless of whether they’ve changed.

        Explicitly set PHP version to analyse code against.

        Set the error reporting level

Surfacing issues:
        Show non-exception parser findings (defaults to false).

        Show code snippets with errors. Options are 'true' or 'false'

        Look for unused code. Options are 'auto' or 'always'. If no value is specified, default is 'auto'

        Finds all @psalm-suppress annotations that aren’t used

        Searches the codebase for references to the given fully-qualified class or method,
        where method is in the format class::methodName

        Hide suggestions

        Run Psalm in taint analysis mode – see for more info

        Output the taint graph using the DOT language – requires --taint-analysis

Issue baselines:
        Save all current error level issues to a file, to mark them as info in subsequent runs

        Add --include-php-versions to also include a list of PHP extension versions

        Allows you to use a baseline other than the default baseline provided in your config

        Ignore the error baseline

        Update the baseline by removing fixed issues. This will not add new issues to the baseline

        Add --include-php-versions to also include a list of PHP extension versions

        Executes a plugin, an alternative to using the Psalm config

    -m, --monochrome
        Enable monochrome output

        Changes the output format.
        Available formats: compact, console, text, emacs, json, pylint, xml, checkstyle, junit, sonarqube,
                           github, phpstorm, codeclimate, by-issue-level

        Disable the progress indicator

        Use a progress indicator suitable for Continuous Integration logs

        Shows a breakdown of Psalm’s ability to infer types in the codebase

        The path where to output report file. The output format is based on the file extension.
        (Currently supported formats: ".json", ".xml", ".txt", ".emacs", ".pylint", ".console",
        ".sarif", "checkstyle.xml", "sonarqube.json", "codeclimate.json", "summary.json", "junit.xml")

        Whether the report should include non-errors in its output (defaults to true)

        Clears all cache files that Psalm uses for this specific project

        Clears all cache files that Psalm uses for all projects

        Runs Psalm without using cache

        Runs Psalm without using cached representations of unchanged classes and files.
        Useful if you want the afterClassLikeVisit plugin hook to run every time you visit a file.

        Runs Psalm without using caching every single file for later diffing.
        This reduces the space Psalm uses on disk and file I/O.

    -h, --help
        Display this help message

    -v, --version
        Display the Psalm version

    -i, --init [source_dir=src] [level=3]
        Create a psalm config file in the current directory that points to [source_dir]
        at the required level, from 1, most strict, to 8, most permissive.

        Debug information

        Debug information on a line-by-line level

        Print a php backtrace to stderr when emitting issues.

    -r, --root
        If running Psalm globally you’ll need to specify a project root. Defaults to cwd

        Generate a map of node references and types in JSON format, saved to the given path.

        Generate stubs for the project and dump the file in the given path

        Send analysis statistics to Shepherd ( or your server.

        Run Psalter

        Run Psalm Language Server

Installation on mega-linter Docker image

  • Dockerfile commands :
# Parent descriptor install
RUN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" \
    && export GITHUB_AUTH_TOKEN \
    && wget --tries=5 -q -O phive.phar \
    && wget --tries=5 -q -O phive.phar.asc \
    && PHAR_KEY_ID="0x6AF725270AB81E04D79442549D8A98B29B2D5D79" \
    && ( gpg --keyserver hkps:// --recv-keys "$PHAR_KEY_ID" \
       || gpg --keyserver hkps:// --recv-keys "$PHAR_KEY_ID" \
       || gpg --keyserver --recv-keys "$PHAR_KEY_ID" \
       || gpg --keyserver --recv-keys "$PHAR_KEY_ID" ) \
    && gpg --verify phive.phar.asc phive.phar \
    && chmod +x phive.phar \
    && mv phive.phar /usr/local/bin/phive \
    && rm phive.phar.asc \
    && update-alternatives --install /usr/bin/php php /usr/bin/php81 110

# Linter install
RUN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" && export GITHUB_AUTH_TOKEN && phive --no-progress install psalm -g --trust-gpg-keys 8A03EA3B385DBAA1,12CE0F1D262429A5