Tweet
Tweet

Slide 1

Slide 1 text

Improving Code Quality with PHP_CodeSniffer Juliette Reinders Folmer Tweet about it: @jrf_nl #phpbnl20

Slide 2

Slide 2 text

“ @jrf_nl #phpbnl20 Only half of programming is coding. The other 90% is debugging.

Slide 3

Slide 3 text

hotblack

Slide 4

Slide 4 text

Functional Technical Architectural Conceptual

Slide 5

Slide 5 text

Importance Conceptual Architectural Functional Technical

Slide 6

Slide 6 text

Pull request Merged ... typo in documentation ... ... whitespace ... ... please add some tests ... ... is situation x handled ... ... use early return ... ... using PHP 7.4 syntax ... ... use strict checking in your tests ...

Slide 7

Slide 7 text

Pull request Merged ... please add some tests ... ... is situation x handled ...

Slide 8

Slide 8 text

Attention Conceptual Architectural Functional Technical

Slide 9

Slide 9 text

Marnhe du Plooy

Slide 10

Slide 10 text

Psalm CS- Fixer PHP Stan PHP CS Exakat PHP CPD PHP Insights PHP MD PHP MND Rector PHP DCD Static Analysis Tools

Slide 11

Slide 11 text

PHP CS Static Analysis Tools

Slide 12

Slide 12 text

Brief (Re-)Introduction to PHP_CodeSniffer Nightsabre

Slide 13

Slide 13 text

How It Works Standard (ruleset) Sniffs Checks (errorcodes)

Slide 14

Slide 14 text

Standard Standard A Standard B Standard A Standard B Standard A Standard B

Slide 15

Slide 15 text

Standard.Subset.Sniff.ErrorCode Standard.Subset.Sniff.ErrorCode Standard.Subset.Sniff.ErrorCode Standard.Subset.Sniff.ErrorCode

Slide 16

Slide 16 text

Standard.Subset.Sniff.ErrorCode Include: Exclude: ~~~~~~~~

Slide 17

Slide 17 text

*/vendor/* */tests/* Standard A Standard B

Slide 18

Slide 18 text

Customizing Sniffs

Slide 19

Slide 19 text

“ @jrf_nl #phpbnl20 The nice thing about standards is that there are so many to choose from.

Slide 20

Slide 20 text

PHPCS Build-in Standards PEAR PSR1 PSR2 Zend MySource Squiz PSR12 Generic

Slide 21

Slide 21 text

Framework/CMS Standards Laravel Joomla Symfony2 CodeIgniter4 Drupal Magento WordPress MediaWiki Zend Framework (WebImpress) TYPO3 Yii CakePHP

Slide 22

Slide 22 text

Functional Standards and Sniff Collections Object Calisthenics Variable Analysis Universal Slevomat Cognitive Complexity PHP Compatibility Import Detection Security Audit Normalized Arrays PHPCSExtra

Slide 23

Slide 23 text

Badly set up Sniffs Fixer Conflicts Not Allowing For All Possible PHP Syntaxes Presuming Code Style About Sniff Quality

Slide 24

Slide 24 text

Making it Work jeltovski

Slide 25

Slide 25 text

Registering External Standards [1] phpcs --config-set installed_paths /path/to/dir/above/standard phpcs --config-show phpcs --config-set installed_paths /path/to/dir/above/standard1,/path/to/dir/above/standard2

Slide 26

Slide 26 text

Registering External Standards [2] composer require –-dev dealerdirect/phpcodesniffer-composer-installer

Slide 27

Slide 27 text

Discovering Sniffs kenbrasier

Slide 28

Slide 28 text

Explain

Slide 29

Slide 29 text

phpcs --standard=PSR12 --generator=Text (Markdown|HTML)

Slide 30

Slide 30 text

Seemann

Slide 31

Slide 31 text

Testing With a Code Sample

Slide 32

Slide 32 text

Checking Code Quality with PHP_CodeSniffer Nightsabre

Slide 33

Slide 33 text

Code Style Documentation Code Smells Code Metrics Best Practices Code Compatibility

Slide 34

Slide 34 text

Dead Code

Slide 35

Slide 35 text

Dead Code  Commented Out Code  Code Which Cannot be Reached  Unused use Statements  Unused Variables  Unused Parameters  Unused Private Methods  Duplicate Array Keys

Slide 36

Slide 36 text

Boni Idem Insecure Code

Slide 37

Slide 37 text

Insecure Code (Potentially)  Use of eval()  Use of PCRE /e Modifier  Use of Backtick Operator  Known Vulnerabilities / CVE Advisories Security / PHPCS_SecurityAudit

Slide 38

Slide 38 text

pschubert Complex Code

Slide 39

Slide 39 text

Complex Code  High Code Complexity Cyclomatic Complexity Cognitive Complexity  Deep Code Nesting  Method / Property / Parameter Counts

Slide 40

Slide 40 text

Incompatible Code

Slide 41

Slide 41 text

Incompatible Code  Use of Deprecated Syntaxes  Use of Deprecated or Removed Functions / Classes / Extensions/ Parameters etc  Use of (too) new Syntaxes  ... and much more

Slide 42

Slide 42 text

Incompatible Code PHPCompatibility $ --runtime-set testVersion 7.0-7.3

Slide 43

Slide 43 text

Incompatible Code  PHPCompatibilityJoomla  PHPCompatibilityWP  PHPCompatibilityPasswordCompat  PHPCompatibilityParagonie (sodium, random_compat)  PHPCompatibilitySymfony  PHPCompatibilityAll

Slide 44

Slide 44 text

Ali Taylor Implicit Standards

Slide 45

Slide 45 text

Implicit Standards  Strict Comparisons  ... in array functions too  ... in unit test assertions  To Yoda or Not to Yoda  Class Structure  One Namespace Per File  ...etc...

Slide 46

Slide 46 text

elvis santana Potentially Buggy Code

Slide 47

Slide 47 text

Potentially Buggy Code  Undefined Variables  Jumbled Incrementors in Loops  Double ! Operator  Error Silencing  Assignments in Conditions  Mixing string/int Array Keys

Slide 48

Slide 48 text

Jon Ng Modern PHP

Slide 49

Slide 49 text

Enforce Modern PHP  Use Short Arrays  Use Short Lists  Enforce Strict Types  Enforce Param/Return Type Declarations  Enforce use Statements  Require null coalesce

Slide 50

Slide 50 text

Code Style Documentation Code Smells Code Metrics Best Practices Code Compatibility

Slide 51

Slide 51 text

Links  PHP_CodeSniffer https://github.com/squizlabs/PHP_CodeSniffer  Find External Standards on Packagist https://packagist.org/?query=phpcs&type=phpcodesniffer-standard https://packagist.org/?query=php_codesniffer&type=phpcodesniffer-standard  DealerDirect Composer PHPCS plugin https://github.com/Dealerdirect/phpcodesniffer-composer-installer  PHPCSDevTools, PHPCSUtils, PHPCSExtra, PHPCompatibility et al https://github.com/PHPCSStandards https://github.com/PHPCompatibility

Slide 52

Slide 52 text

Thanks! Slides: https://speakerdeck.com/jrf Feedback: https://joind.in/58212 Follow me: https://twitter.com/jrf_nl https://github.com/jrfnl Sponsor me ;-)

Slide 53

Slide 53 text

Questions ? Clodiney Cruz