Improving Code Quality with PHP_CodeSniffer

Transcript

1. Improving Code Quality with PHP_CodeSniffer Juliette Reinders Folmer Tweet about

   it: @jrf_nl #phpbnl20

2. “ @jrf_nl #phpbnl20 Only half of programming is coding. The

   other 90% is debugging.

3. hotblack

4. Functional Technical Architectural Conceptual

5. Importance Conceptual Architectural Functional Technical

6. Pull request Merged ... typo in documentation ... ... whitespace

   ... ... please add some tests ... ... is situation x handled ... ... use early return ... ... using PHP 7.4 syntax ... ... use strict checking in your tests ...

7. Pull request Merged ... please add some tests ... ...

   is situation x handled ...

8. Attention Conceptual Architectural Functional Technical

9. Marnhe du Plooy

10. Psalm CS- Fixer PHP Stan PHP CS Exakat PHP CPD

    PHP Insights PHP MD PHP MND Rector PHP DCD Static Analysis Tools

11. PHP CS Static Analysis Tools

12. Brief (Re-)Introduction to PHP_CodeSniffer Nightsabre

13. How It Works Standard (ruleset) Sniffs Checks (errorcodes)

14. Standard Standard A Standard B Standard A Standard B Standard

    A Standard B

15. Standard.Subset.Sniff.ErrorCode Standard.Subset.Sniff.ErrorCode Standard.Subset.Sniff.ErrorCode Standard.Subset.Sniff.ErrorCode

16. Standard.Subset.Sniff.ErrorCode Include: <rule ref="…" /> Exclude: <exclude name="…" /> ~~~~~~~~

17. <?xml version="1.0"?> <ruleset name="MyProject"> <exclude-pattern>*/vendor/*</exclude-pattern> <rule ref="Stnd"/> <rule ref="Stnd.Category"/> <rule

    ref="Stnd.Category.SniffName"/> <rule ref="Stnd.Category.SniffName.ErrorCode"/> <rule ref="Stnd"/> <exclude name="Stnd.Category.SniffName"/> </rule> <rule ref="Stnd.Category.SniffName"/> <exclude-pattern>*/tests/*</exclude-pattern> </rule> </ruleset> Standard A Standard B

18. Customizing Sniffs <?xml version="1.0"?> <ruleset name="MyProject"> <rule ref="Stnd.Category.SniffName"> <properties> <property

    name="propertyA" value="true"/> <property name="propertyB" value="100"/> <property name="propertyC" type="array"> <element key="key1" value="value1"/> <element key="key2" value="value2"/> </property> </properties> </rule> </ruleset>

19. “ @jrf_nl #phpbnl20 The nice thing about standards is that

    there are so many to choose from.

20. PHPCS Build-in Standards PEAR PSR1 PSR2 Zend MySource Squiz PSR12

    Generic

21. Framework/CMS Standards Laravel Joomla Symfony2 CodeIgniter4 Drupal Magento WordPress MediaWiki

    Zend Framework (WebImpress) TYPO3 Yii CakePHP

22. Functional Standards and Sniff Collections Object Calisthenics Variable Analysis Universal

    Slevomat Cognitive Complexity PHP Compatibility Import Detection Security Audit Normalized Arrays PHPCSExtra

23. Badly set up Sniffs Fixer Conflicts Not Allowing For All

    Possible PHP Syntaxes Presuming Code Style About Sniff Quality

24. Making it Work jeltovski

25. Registering External Standards [1] phpcs --config-set installed_paths /path/to/dir/above/standard phpcs --config-show

    phpcs --config-set installed_paths /path/to/dir/above/standard1,/path/to/dir/above/standard2

26. Registering External Standards [2] composer require –-dev dealerdirect/phpcodesniffer-composer-installer

27. Discovering Sniffs kenbrasier

28. Explain

29. phpcs --standard=PSR12 --generator=Text (Markdown|HTML)

30. Seemann

31. Testing With a Code Sample <?php namespace My\NS; use Vendor\Package\ClassName;

    class MyClass {} $ phpcs –s ./unused-use.php –-standard=Stnd1,Stnd2,Stnd3,Stnd4

32. Checking Code Quality with PHP_CodeSniffer Nightsabre

33. Code Style Documentation Code Smells Code Metrics Best Practices Code

    Compatibility

34. Dead Code

35. Dead Code  Commented Out Code  Code Which Cannot

    be Reached  Unused use Statements  Unused Variables  Unused Parameters  Unused Private Methods  Duplicate Array Keys

36. Boni Idem Insecure Code

37. Insecure Code (Potentially)  Use of eval()  Use of

    PCRE /e Modifier  Use of Backtick Operator  Known Vulnerabilities / CVE Advisories Security / PHPCS_SecurityAudit

38. pschubert Complex Code

39. Complex Code  High Code Complexity Cyclomatic Complexity Cognitive Complexity

     Deep Code Nesting  Method / Property / Parameter Counts

40. Incompatible Code

41. Incompatible Code  Use of Deprecated Syntaxes  Use of

    Deprecated or Removed Functions / Classes / Extensions/ Parameters etc  Use of (too) new Syntaxes  ... and much more

42. Incompatible Code PHPCompatibility $ --runtime-set testVersion 7.0-7.3 <config name="testVersion" value="5.6-"/>

43. Incompatible Code  PHPCompatibilityJoomla  PHPCompatibilityWP  PHPCompatibilityPasswordCompat  PHPCompatibilityParagonie

    (sodium, random_compat)  PHPCompatibilitySymfony  PHPCompatibilityAll

44. Ali Taylor Implicit Standards

45. Implicit Standards  Strict Comparisons  ... in array functions

    too  ... in unit test assertions  To Yoda or Not to Yoda  Class Structure  One Namespace Per File  ...etc...

46. elvis santana Potentially Buggy Code

47. Potentially Buggy Code  Undefined Variables  Jumbled Incrementors in

    Loops  Double ! Operator  Error Silencing  Assignments in Conditions  Mixing string/int Array Keys

48. Jon Ng Modern PHP

49. Enforce Modern PHP  Use Short Arrays  Use Short

    Lists  Enforce Strict Types  Enforce Param/Return Type Declarations  Enforce use Statements  Require null coalesce

50. Code Style Documentation Code Smells Code Metrics Best Practices Code

    Compatibility

51. Links  PHP_CodeSniffer https://github.com/squizlabs/PHP_CodeSniffer  Find External Standards on Packagist

    https://packagist.org/?query=phpcs&type=phpcodesniffer-standard https://packagist.org/?query=php_codesniffer&type=phpcodesniffer-standard  DealerDirect Composer PHPCS plugin https://github.com/Dealerdirect/phpcodesniffer-composer-installer  PHPCSDevTools, PHPCSUtils, PHPCSExtra, PHPCompatibility et al https://github.com/PHPCSStandards https://github.com/PHPCompatibility

52. Thanks! Slides: https://speakerdeck.com/jrf Feedback: https://joind.in/58212 Follow me: https://twitter.com/jrf_nl https://github.com/jrfnl Sponsor

    me ;-)

53. Questions ? Clodiney Cruz