I generally agree, but its difficult to say what kind of vulnerabilities may lie in wait due to outdated dependencies. Heliboard seems to be the successor, also does not have network access, and is more regularly updated. Whatever satisfies your threat model though.
I dunno about PHP Storm, but I’ve used pretty much all their other IDEs and they’re hands down better than their competitors. I wish they had picked better names for Data Grip and Data Spell though. I can never keep track of which is which.