Sonar is a platform for continuously inspecting code quality to detect issues, ensure technical debt is under control, and monitor code complexity, duplications, and potential bugs. It provides visual reporting across projects and allows tracking metrics over time. Sonar supports PHP projects using tools like PHP_Codesniffer, PHPUnit, PHP Depend, and PHP Mess Detector. It can be set up with Maven and integrated with Hudson via a plugin or phpUnderControl via Ant tasks to run analysis as part of the continuous integration build process.

1. Sonar - the ring to rule them all Sebastian Marek

3. static code analysis

4. code coverage reports

6. code improvements

7. build stability

9. comments

10. coding rules

11. potential bugs

12. code duplications

13. unit tests

14. complexity

15. What is Sonar? “ Sonar is the central place to manage code quality, offering visual reporting on and across projects and enabling to replay the past to follow metrics evolution” source: http://www.sonarsource.org/

16. Sonar vs. phpUnderControl/Hudson Continuous Integration Platform vs. Reporting Platform

18. PHPUnit

19. PHP Depend

20. PHP Mess Detector

23. PostgreSQL

24. Oracle

25. MS SQL

27. unzip

28. run

29. Preparing for analysis – pom file <project xmlns =&quot; http://maven.apache.org/POM/4.0.0 &quot; xmlns:xsi =” http://www.w3.org/2001/XMLSchema-instance &quot; xsi:schemaLocation =&quot; http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd &quot;> <modelVersion> 4.0.0 </modelVersion> <groupId> org.bovigo </groupId> <artifactId> vfs </artifactId> <name> VFS_Stream </name> <version> 1.0 </version> <!-- For the moment,specify pom as packaging for php projects --> <packaging> pom </packaging> </project>

30. Preparing for analysis – pom file <build> <!-- You cannot omit this one, because maven will implicitely add src/main/java to it --> <sourceDirectory> ${basedir}/src/main/php </sourceDirectory> <testSourceDirectory> ${basedir}/src/test </testSourceDirectory> </build>

31. Preparing for analysis – pom file <!-- some properties that you may want to change --> <properties> <sonar.language> php </sonar.language> <sonar.phpPmd.shouldRun> true </sonar.phpPmd.shouldRun> <sonar.phpCodesniffer.shouldRun> true </sonar.phpCodesniffer.shouldRun> <sonar.phpDepend.shouldRun> true </sonar.phpDepend.shouldRun> <sonar.phpUnit.shouldRun> true </sonar.phpUnit.shouldRun> <sonar.phpcpd.shouldRun> true </sonar.phpcpd.shouldRun> </properties>

32. Maven configuration <profile> <id> php-profile </id> <properties> <sonar.jdbc.url> jdbc:mysql://localhost:3306/sonar?useUnicode=true&amp;characterEncoding=utf8 </sonar.jdbc.url> <sonar.jdbc.driver> com.mysql.jdbc.Driver </sonar.jdbc.driver> <sonar.jdbc.username> sonar </sonar.jdbc.username> <sonar.jdbc.password> s0n4rU53r </sonar.jdbc.password> </properties> </profile>

33. Maven configuration <activeProfiles> <activeProfile> php-profile </activeProfile> </activeProfiles>

34. Performing analysis #> mvn sonar:sonar

36. Hudson via dedicated plugin

37. ant task <target name =&quot; sonar &quot;> <exec dir =&quot; ${basedir}/Source/ &quot; executable =&quot; mvn &quot; failonerror =&quot; false &quot; > <arg line =&quot; sonar:sonar &quot; /> </exec> </target>

38. Code complexity

39. Build results

40. Code violations

41. Time machine

43. http://docs.codehaus.org/display/SONAR/PHP+Plugin

44. @SonarSource

45. http://criticallog.thornet.net/

46. Q&A