
SymfonyCon2017 - Auditing Symfony Apps

November 17, 2017


Often clients already have a working product that they want to improve. In these cases, starting to work on the project right away may turn into a development nightmare. Therefore, assessing the technical status of the product is very important. Depending on the needs of the client, this can be done from several points of view: technical standards, maintainability, performance, security, etc.

This talk is going to cover how you can prepare an audit of a Symfony application, what you should look out for, and how the result of the audit can impact further development on the project. I will also talk about what I found to be the best tools for the job and how you can get clients to see the benefits of it.




  1. Increasing quality in one aspect can lower the quality on other aspects = TECHNICAL DEBT. Software quality
  2. “A software code audit is a comprehensive analysis of source code in a programming project with the intent of discovering bugs, security breaches or violations of programming conventions.” www.wikipedia.org
  3. Hands on code analysis. What to look for:
     • project structure, version control
     • OOP, design patterns
     • mixture of layers
     • logging, exception handling
  4. “When I wrote this, only God and I understood what I was doing. Now, God only knows.” Comments. Comments to look for: “fix, xxx, wtf, todo, temporary”
  5. Key points:
     • Impact on users
     • Make a bridge to nontechnical people
     • Audit -> Plan -> Implement -> Follow up
     • Learn