What language is this for?
PHP
Which rule?
php:S930 - The number of arguments passed to a function should match the number of parameters
Why do you believe it’s a false-positive?
The rule incorrectly reports that html_entity_decode() expects 2 arguments when 3 are provided.
However, according to the PHP official documentation, html_entity_decode() has supported 3 parameters since PHP 4.3.0:
php
html_entity_decode(
string $string,
int $flags = ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401,
?string $encoding = null
): string
| Parameter | Required | Since |
|---|---|---|
$string |
Required | PHP 4.3.0 |
$flags |
Optional | PHP 4.3.0 |
$encoding |
Optional | PHP 4.3.0 |
The SonarPHP analyzer appears to have an incorrect function signature stub for html_entity_decode(), recognizing only 2 parameters instead of 3.
Are you using
-
SonarQube Server: Enterprise Edition 2025.04
-
SonarPHP Plugin Version: 3.46.0.13151
How can we reproduce the problem?
php
<?php
class Example
{
public function process(array $params): string
{
$result = '';
foreach ($params as $key => $value) {
// S930 False Positive: "html_entity_decode" expects 2 arguments, but 3 were provided
$decodedKey = html_entity_decode($key, ENT_QUOTES, 'UTF-8');
$decodedValue = html_entity_decode($value, ENT_QUOTES, 'UTF-8');
$result .= sprintf('&%s=%s', urlencode($decodedKey), urlencode($decodedValue));
}
return $result;
}
}
Expected: No issue should be raised.
Actual: S930 is raised with the message "html_entity_decode" expects 2 arguments, but 3 were provided.