atoum is a modern and intuitive testing framework for PHP.

Backward Compatibility Check can be used to verify BC breaks between two versions of a PHP library.

Behat is a tool to support you in delivering software that matters through continuous communication, deliberate discovery and test-automation.

CaptainHook is an easy to use and very flexible git hook library for php developers. It enables you to configure your git hook actions in a simple json file.

Codeception is a modern full-stack testing framework for PHP.

Composer is a tool for dependency management in PHP.

It allows you to declare the libraries your project depends on and it will manage (install/update) them for you.

dePHPend helps with bringing your PHP projects back in shape.

Deptrac is a static code analysis tool that helps to enforce rules for dependencies between software layers in your PHP projects.

Exakat is a tool for analyzing, reporting and assessing PHP code source efficiently and systematically. Exakat can process PHP 5.2 to 7.3 code, as well as reporting on security, performance, code quality, migration.

GrumPHP will register some git hooks in your package repository. When somebody commits changes, GrumPHP will run some tests on the committed code.

HTMLProofer will test your rendered HTML files to make sure they're accurate.

Infection is a PHP mutation testing framework based on AST (Abstract Syntax Tree) mutations.

Kahlan is a full-featured Unit & BDD test framework a la RSpec/JSpec which uses a describe-it syntax and moves testing in PHP one step forward.

Parse - A PHP Security Scanner is a static scanning tool to review your PHP code for potential security-related issues.

PCOV is a self contained CodeCoverage compatible driver for PHP7.

peridot is an highly extensible, highly enjoyable, BDD testing framework for PHP.

Phan is a static analyzer for PHP.

Pho is a BDD test framework for PHP, inspired by Jasmine and RSpec.

PHP Assumptions is a static code analysis tool doing checks for weak assumptions.

PHP Code Beautifier and Fixer fixes violations of a defined coding standard.

The PHP Coding Standards Fixer 2 tool fixes most issues in your code when you want to follow the PHP coding standards as defined in the PSR-1 and PSR-2 documents and many more.

PHP Copy/Paste Detector is a Copy/Paste Detector for PHP code.

PHP Dead Code Detector is a Dead Code Detector (DCD) for PHP code.

PHP Doc Check uses complexity metrics to enforce documentation conventions on non-trivial functions.

PHP Formatter aims to provide you some bulk actions for your PHP projects to ensure their consistency.

PHP Magic Number Detector aims to help you to detect magic numbers in your PHP code.

PHP Mess Detector scans PHP source code and looks for potential problems such as possible bugs, dead code, suboptimal code, and overcomplicated expressions.

PHP Parallel Lint checks the syntax of PHP files faster than serial check, with a fancier output.

PHP_CodeSniffer tokenizes PHP, JavaScript and CSS files and detects violations of a defined set of coding standards.

PHP_Depend shows you the quality of your design in the terms of extensibility, reusability and maintainability.

PHP_Testability analyses and produces a report with testability issues of a php codebase.

Phpactor is an intelligent code-completion and refactoring tool for PHP.

PHPCheckstyle is an open-source tool that helps PHP programmers adhere to certain coding conventions.

PhpCodeAnalyzer finds usage of different non-built-in extensions in your php code.

PhpCodeFixer finds deprecated functions, wrong functions usage, variables, ini directives and restricted identifiers in your php code.

PHPCompatibility is a set of sniffs for PHP_CodeSniffer that checks for PHP version compatibility.

phpdbg aims to be a lightweight, powerful, easy to use debugging platform for PHP.

phpDocumentor analyzes your code to create great documentation. It enables you to generate documentation directly from your PHP source code.

phpDox is a documentation generator for PHP projects.

PHPLOC is a tool for quickly measuring the size and analyzing the structure of a PHP project.

PhpMetrics provides software metrics about PHP project and classes.

PHPSpec is a tool which can help you write clean and working PHP code using Behaviour Driven Development (BDD).

PHPStan - PHP Static Analysis Tool focuses on finding errors in your code without actually running it.

PHPUnit is a programmer-oriented testing framework for PHP.

PHPVisualDebt is a Static Analyzer following QDD which Questions Everything that is leaving Visual Debt behind.

Prettier PHP plugin adds support for the PHP language to Prettier, an opinionated code formatter.

Psalm is a static analysis tool for finding errors in PHP applications.

Psalter will automatically fix some of the many errors that Psalm can find.

Qafoo Quality Analyzer is a tool to visualize metrics and source code.

Rector instantly upgrades PHP & YAML code of your application, with focus on open-source projects: PHP, CakePHP, Symfony, Sylius, PHPUnit, Twig, SilverStripe.

Roave Security Advisories ensures that your application doesn't have installed dependencies with known security vulnerabilities.

Safe-PHP redeclares all core PHP functions. The new PHP functions act exactly as the old ones, except they throw exceptions properly when an error is encountered.

Scrutinizer intents to improve code quality and find bugs before they hit production.

The Security Advisories Database references known security vulnerabilities in various PHP projects and libraries.

SensioLabs Insight continuously analyzes your code to detect security risks, find bugs, provide actionable metrics and help improve your projects in the long term.

SensioLabs Security Checker is a command line tool that checks if your application uses dependencies with known security vulnerabilities.

SimpleTest is a framework for unit testing, web site testing and mock objects for PHP.

Smart Analyzer for PHP is a development tool aimed at bringing complex analysis for PHP applications and libraries.

Bring your user and service stories to life through your tests with Storyplayer.

Tuli is a static analysis engine.

VersionEye notifies you about security vulnerabilities, license violations and out-dated dependencies in your Git repositories.

You are using it wrong enforces type checks during composer installation in downstream consumers of your package.