Error-suppression operator (@) on a call that can fail
Part of Code Quality & Syntax, which counts for 20% of the overall score. When this check fires it deducts 4 points from that category, once per scan, no matter how many places it turns up.
What it detects
The @ operator silently discards any warning or error the call raises, so a failed include, a missing file, a broken query, or malformed JSON fails silently instead of surfacing a message that would help diagnose it. This tends to convert a debuggable failure into a confusing downstream bug.
Why it matters
The @ operator throws away whatever warning or error the call would have raised, so a failed include, an unreadable file, a broken query, or invalid JSON fails silently and the code continues as if nothing happened. Debugging a production issue caused by one of these swallowed errors usually costs far more time than handling the failure explicitly would have.
How to fix it
Remove the @ and handle the failure explicitly: check the return value (file_get_contents returns false, json_decode returns null on invalid input, fopen returns false), or wrap the call in a try/catch if it can throw, and log or handle the failure case on purpose.
The paid report includes a ready-to-paste prompt for your AI coding agent for every check it finds, pointed at the exact findings from your scan. See pricing
Does your repo trip this check?
Paste a GitHub URL or drop a project folder. Scans run in your browser and take seconds.
Scan your repo