Exakat 0.10.7 (Immortal Antelope Power) ships with a lot of behind the scene works, and little to show. This is now becoming a classic: we need to collect a lot of data from frameworks or PHP, store them by version, and generate… a boolean. All that work for so little. But, in the end, it is so helpful that we keep doing it.
Support for Slim framework
Exakat 0.10.7 gets the first support for the Slim PHP Framework. Currently, exakat detect slim usage, and report compatibility with every version.
Slim Framework is a micro-framework, with 22 versions from 1.0 to 3.8 (excluding minor versions). It has a growing number of classes, traits and interfaces: the last version has 79 of them. Minor versions are omitted as they usually don’t bring or remove any structures. Over the various versions, that is 164 distinct structures.
Exakat detects all usage of those structures in the code: new classes, interfaces implementation, static call (if any), instance of, aliases… Then, it checks if Slim classes are mentioned, relying on the fully namespaced name of the class, and report them.
Slim version compatibility
Once the usage of slim is confirmed, it is possible to break down compatibility by version. A code that use Slim is compatible with a specific version if all the classes used also belong to the named version.
For example, \Slim\App is available across all 3.0.0 versions, while \Slim\Handlers\AbstractHandler is only introduced in 3.4.0. When finding those two classes in a source code, we can conclude that it uses Slim, and is compatible with Slim 3.4.0 and more. Compatibility with 3.0.0 to 3.3.x means dropping the AbstractHandler.
Version checking is a first step for the slim framework. We’ll be adding more analysis covering classic mistakes: forgetting that $response is immutable, using echo in route functions, accessing $_GET or $_POST, and such. Thanks to Rob Allen for his help and guidance, and his slimbookshelf application that was audited.
Zend Framework 3 progress
Zend Framework 3 received its share of attention, and exakat now covers 17 of its sixty components. Here is a the resulting overview of the compatibility for opentickets, component by component. You can see the used components, and their respective version of compatibility.
Happy PHP code auditing
Exakat 0.10.7 prepared quite a lot of structures to support new frameworks. Work on Zend Framework 3 continues, in preparation for the upcoming Zend Days 2017 in Paris. Slim started and it should be easy to add support for others frameworks.
Feel free to get in touch if you want yours to be considered. We work on open source frameworks, and on in-house enterprise frameworks : it does help users to migrate to new versions when they know what to target.
We are also looking for Slim and Zend Framework 3 open source software, so we can test exakat on them. Please, send them on twitter, to @exakat, for review.
All the 300+ analyzers are presented in the docs, including the classic ‘No repeated print‘. Download Exakat on exakat.io, upgrade it with ‘exakat.phar upgrade -u’ and like us on github.