Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.
Modern Static Code
Analysis in PHP
25 Feb 2016, Mannheim
@kalessil
Introducing myself
• The author of Php Inspections (EA Extended)
o A plugin for PhpStorm adding strong code semantics anal...
Modern Static Code
Analysis in PHP
25 Feb 2016, Mannheim
@kalessil
PHP
• I love the community and hate language itself (not only me)
• Infrastructure around PHP is great (Composer, ZF, Symf...
Modern software
• Getting more complex with each year
o Increases maintenance costs and complexity
o Requires more intelli...
Peer2Peer review still works
But…
Really!
Let’s dig dipper…
• Code Style (formatting, naming, spaghetti code)
o Can be covered by existing (“old”) tools, so easily ...
So how to simplify own life?
Or let machines work for us
Generations of SCA tools
• 1st generation
o Eclipse and other first IDEs
o PHP CodeSniffer
• 2nd generation
o JetBrains ID...
Semantic Analyzers
• Php Inspections (EA Extended)
o Targeting transition of 2nd and 3rd generation tools
o Expert-level c...
Code Style
• Php CodeSniffer (a 1st generation tool)
o CI/local usage available
o Reports code style violations
o Customiz...
SaaS alternatives
SensioLabs Insight
• Framework/CSM centric
• Good technical debt estimation
• 2nd generation tool
Scruti...
In between:
• Based on 1st generation toolst
o But exists “Sonar way” rules
o Only reports issues
o Requires initial confi...
Live demonstration
Thank you!
Nächste SlideShare
Wird geladen in …5
×

von

Modern Static Code Analysis in PHP Slide 1 Modern Static Code Analysis in PHP Slide 2 Modern Static Code Analysis in PHP Slide 3 Modern Static Code Analysis in PHP Slide 4 Modern Static Code Analysis in PHP Slide 5 Modern Static Code Analysis in PHP Slide 6 Modern Static Code Analysis in PHP Slide 7 Modern Static Code Analysis in PHP Slide 8 Modern Static Code Analysis in PHP Slide 9 Modern Static Code Analysis in PHP Slide 10 Modern Static Code Analysis in PHP Slide 11 Modern Static Code Analysis in PHP Slide 12 Modern Static Code Analysis in PHP Slide 13 Modern Static Code Analysis in PHP Slide 14 Modern Static Code Analysis in PHP Slide 15 Modern Static Code Analysis in PHP Slide 16 Modern Static Code Analysis in PHP Slide 17 Modern Static Code Analysis in PHP Slide 18
Nächste SlideShare
PHPcon Poland - Static Analysis of PHP Code – How the Heck did I write so many Bugs?
Weiter
Herunterladen, um offline zu lesen und im Vollbildmodus anzuzeigen.

2 Gefällt mir

Teilen

Herunterladen, um offline zu lesen

Modern Static Code Analysis in PHP

Herunterladen, um offline zu lesen

Modern Static Code Analysis in PHP: tolls generations, tools examples and my opinionated vision of things.

Ähnliche Bücher

Kostenlos mit einer 30-tägigen Testversion von Scribd

Alle anzeigen

Ähnliche Hörbücher

Kostenlos mit einer 30-tägigen Testversion von Scribd

Alle anzeigen

Modern Static Code Analysis in PHP

  1. 1. Modern Static Code Analysis in PHP 25 Feb 2016, Mannheim @kalessil
  2. 2. Introducing myself • The author of Php Inspections (EA Extended) o A plugin for PhpStorm adding strong code semantics analysis • A contributor of Symfony 1.5 and Symfony 2 o With SCA focus of course • A contributor of PHP CS Fixer o SCA and contributed fixers • Background is PHP/Java Expert level in Enterprise
  3. 3. Modern Static Code Analysis in PHP 25 Feb 2016, Mannheim @kalessil
  4. 4. PHP • I love the community and hate language itself (not only me) • Infrastructure around PHP is great (Composer, ZF, Symfony, Yii, Hosting and etc.) • Php has low entry level for new developers (hits code quality) • Php has 2 really important characteristics (hits apps life-cycle) o It’s fast to go on a market when you develop apps in PHP o It’s painful to maintain survived applications
  5. 5. Modern software • Getting more complex with each year o Increases maintenance costs and complexity o Requires more intelligent tools • Continuous Integration and Delivery o Increases costs of failures at delivery phase o Raises additional stability requirements to development processes • Agile development processes o Affects code quality and introducing un-finished code/features o Requires more intelligent tools
  6. 6. Peer2Peer review still works
  7. 7. But…
  8. 8. Really!
  9. 9. Let’s dig dipper… • Code Style (formatting, naming, spaghetti code) o Can be covered by existing (“old”) tools, so easily solvable • Lack of API knowledge o Remember low entry level of PHP o You have to educate people (or tools can do it just during development) • Obviously inefficient code constructs o Remember low entry level of PHP o Remember Agile processes o You have to reject this (or tools can do it just during development) • Lack of team experience o That’s team work (but tools still can educate during development)
  10. 10. So how to simplify own life?
  11. 11. Or let machines work for us
  12. 12. Generations of SCA tools • 1st generation o Eclipse and other first IDEs o PHP CodeSniffer • 2nd generation o JetBrains IDEs + SCA plugins o SensioLabs Insight, Scritinizer, SonarCube o Exacat, PHP CS Fixer • 3rd generation o We’ll see them soon, expert systems specialized on code defects o SCA tools based on PHP 7 real PSI tree (presented in JB IDEs currently)
  13. 13. Semantic Analyzers • Php Inspections (EA Extended) o Targeting transition of 2nd and 3rd generation tools o Expert-level code reviews o “In-stream" analysis, when developers are not disturbed o Productivity booster (automated code adjustments) o CI usage available o Requires no configurations at start, just install the plugin • Exakat o Targeting transition of 2nd and 3rd generation tools o CI/local usage available o Expert-level code reviews
  14. 14. Code Style • Php CodeSniffer (a 1st generation tool) o CI/local usage available o Reports code style violations o Customizable and extendable • PHP CS Fixer (a 2nd generation tool) o CI/local usage available o Fixes code style violations o Customizable and extendable
  15. 15. SaaS alternatives SensioLabs Insight • Framework/CSM centric • Good technical debt estimation • 2nd generation tool Scrutinizer • Plays nicely with Open Source • A little bit noisy • Based on 1st generation tools ("old” tools)
  16. 16. In between: • Based on 1st generation toolst o But exists “Sonar way” rules o Only reports issues o Requires initial configuration, or not really usable • IDEs integration • Multi-language projects supported o But unfortunately not all • Integrated metrics and code style presets
  17. 17. Live demonstration
  18. 18. Thank you!
  • matipl

    Sep. 25, 2018
  • mrasnika

    Feb. 24, 2018

Modern Static Code Analysis in PHP: tolls generations, tools examples and my opinionated vision of things.

Aufrufe

Aufrufe insgesamt

1.351

Auf Slideshare

0

Aus Einbettungen

0

Anzahl der Einbettungen

10

Befehle

Downloads

13

Geteilt

0

Kommentare

0

Likes

2

×