Exakat 1.8.0 Review Exakat 1.8.0's main new feature is the support for ‘in-code review’: using .exakat.yml, you may run an audit from within the repository. This is particularly useful for CI. More PHP 7.4 support was added, with the upcoming change of precedence with addition and concatenation. For the current versions, Exakat is now […]
Exakat 1.7.7 Review Exakat 1.7.7 brings two new analyses : implode() with one argument, and a sneaky security vulnerability. It is the infamous check with integers. Show me the Exakat 1.7.7 review now! Implode() with one argument Implode() is a PHP native function, which has been around since the last millennium. I am pretty certain […]
Exakat 1.7.6 Review Exakat 1.7.6 provides a new report that configures php-cs-fixer and automates fixes in the code. This means that after a good audit, the code may be systematically updated and cleaned of all issues for the next audit. We also introduced a detector for PHP overridden functions, array_merge() used raw with ellipsis and […]
Exakat 1.7.4 Review This week, Exakat 1.7.4 opened the bug hunt season. Many analysis bugs were tracked and removed from the code, leading to the cleanest version of Exakat yet. Identical files in a code repository are now omitted, but one, automatically. And it is possible to configure the target reports from the command line, […]
Exakat 1.7.3 review This week, Exakat 1.7.3 version upgrades the reports, with the automated detection of identical files, and the grouping of global variables. We shall never know all the good that a simple Exakat 1.7.3 review can do. Report of Identical Files The Ambassador report added a new item on the menu : in […]
Exakat 1.7.2 Review The Exakat 1.7.2 version brings more grunt work for the engine, and fewer surprises for your audits. This week, we extended the support for ignored classes to functions and constants: ignore any file in the configuration, and Exakat keeps in mind when it contains definitions. Also, the automated detection of large libraries […]
Exakat 1.5.5 Review Exakat 1.5.5 is the Sinterklaas version: it brings a lot of speed, reports and analysis on its boat, from Spain. Seriously, Exakat 1.5.5 now reports your HTTP headers for unsafe configuration; it also suggests speed-up tricks for fputcsv(), and it recommends using the file() functions, instead of file_get_contents(). Then, Exakat […]
Exakat 1.5.4 Review Exakat 1.5.4 is an under-the-hood upgrade. On the visible side, we added a check for unreachable class constants, since class constants got their visibility option; refrain from self in interfaces, as they behave unexpectedly, and should have destructor, for long-running PHP applications. On the hidden side, many refactorings have been applied, and […]
The Land Where PHP Uses eval() It is 2018, and the PHP world uses eval() in more than 28% of every PHP code source. It is repeatedly reported as a security issue and a performance bottleneck, and a memory hazard. Yet, we can’t get rid of it. It seems reasonable to think that most of eval […]
Exakat 1.4.6 review Exakat 1.4.6 is mostly made up of bug fixes. A number of edge cases were discovered last week and eradicated: they provide greater stability to the engine. So we took more time to augment the documentation, providing real code cases and related PHP error messages that Exakat helps avoid. Error messages […]