yireo / yireo_extensionvalidationtools
yireo/yireo_extensionvalidationtools
Yireo ExtensionValidationTools
This extension validates the code of other extensions and is complementary to static code analysis tools like PHPCS.
Example 1: Comparing composer versions
bin/magento extension:validate:version_match /path/to/your/extension/composer.json
This command allows you to scan a given composer.json of some extension, without that extension being installed. This allows you to modify the dependencies of that extension, before trying to install the extension (which could save valuable time).
The output should be empty to be successful. When unmatched versions are found, it might look like the following:
ERROR: "magento/framework:103.0.0" does not match required version "^100.1|^101.0|^102.0"
Example 3: Creating unit tests (@todo: Move this to another module
bin/magento extension:validate:generate-unit-test --module Yireo_Webp2 --class '\Yireo\Webp2\Convertor\Convertor'
No changelog yet
The vendor hasn't published a changelog. Tagged releases appear in the Versions tab.
Requires 2
| Package | Constraint |
|---|---|
| magento/framework | * |
| yireo/magento2-extensionchecker | * |
Compatibility
Each Magento release line is installed on its supported PHP versions, then the module is built (DI compilation + static-content deploy) and its unit and integration suites are run. The matrix shows the lines and PHP versions the module is confirmed to install and run on. Code-quality results further down (phpstan, phpcs, …) are reported separately and never affect compatibility.
Code Quality
Advisory checks against the module's source. Static analysis runs once across the whole module; PHPStan re-runs per Magento + PHP version because resolvable symbols differ between releases. These NEVER affect the Compatibility badge — a phpcs finding can't make a module incompatible.
Static analysis
Coding standards (phpcs), mess detection (phpmd), copy-pasted code (cpd), PHP cross-version compatibility, composer.json validity. Each runs once for the whole module.
| Tool | Status | Findings | Summary |
|---|---|---|---|
| PHPCS | Warning | 15 | 15 warnings (ruleset: Magento2) — 7 auto-fixable with phpcbf |
| PHPMD | Warning | 4 | 4 rule violations (UnusedFormalParameter:3, IfStatementAssignment:1) |
| Cpd | Pass | 0 | |
| Composer validate | Info | 3 | valid; 3 advisory notes (composer validate --strict) |
PHPStan
Type-checks the module's PHP against a real Magento install at the configured gate level. Re-runs per Magento and PHP version because resolvable symbols differ between releases. Cell → details modal.
Tests
Unit and integration suites, run for each applicable Magento and PHP version. A test failure speaks to the module's behaviour, not its compatibility with a Magento line, so it is reported here separately and never reddens the compatibility matrix.
Unit tests
| Magento | PHP 8.2 | PHP 8.3 | PHP 8.4 | PHP 8.5 |
|---|---|---|---|---|
| 2.4.7 | N/A | N/A | ||
| 2.4.8 | N/A | N/A | ||
| 2.4.9 | N/A | N/A |
Integration tests
| Magento | PHP 8.2 | PHP 8.3 | PHP 8.4 | PHP 8.5 |
|---|---|---|---|---|
| 2.4.7 | N/A | N/A | ||
| 2.4.8 | N/A | N/A | ||
| 2.4.9 | N/A | N/A |
Security
Security checks run directly against the module: an audit of its declared dependencies for known vulnerabilities (composer audit) and a scan of its source for malware and web-shell signatures. Each runs once. A malware detection fails the version outright.
More from yireo
View vendorTurn an existing module into recurring revenue.
If you already maintain a Magento 2 module on GitHub or GitLab, listing it on Packagento takes about five minutes. We mirror your tags, handle distribution signing, and route paid licenses through Stripe Connect, so you can keep shipping the way you already do.