> going to need to run some static analyzers on some frameworks and
> libraries. Who's got it in them to do the research?
I'm not volunteering, but I forked Nikita's package analysis to add Psalm
scanning a while ago: https://github.com/muglug/popular-package-analysis
It's not trivial (downloading the requisite files takes up a lot of HDD
space) but Psalm's output can be parsed and analysed looking for
UndefinedPropertyFetch and UndefinedThisPropertyFetch issues.