Exakat 1.9.2 releases several reports, and raise readiness for PHP 7.4. And, under the hood, we have some foundation upgrades, that will extend the nature of results from analysis. As they say, you have to look through the rain to see the Exakat 1.9.2 review.
Class dependency diagram
This is a new report : it is the class diagram. It shows all the classes, interfaces and traits. They are sometimes referred to as CIT, as they share the same name pool.
Classes, interfaces and traits may have different relations, which are all reported in this diagram : extension, usage, implementation, but also typehinting and calls (static or not). That makes a lot of cross relations between the classes, and it also explains why we get that nagging feeling of confusion as the number of classes grow.
To obtain this report, first run [an exakat audit], then execute the following command line :
php exakat.phar report -p <project_name> -format Classdependencies
The resulting report is a folder called ‘class_dependencies’, in the projects/<project_name>
folder.
This diagram is an HTML diagram : it is usable from a browser. For security reasons, Chrome and Firefox (and others possibly), won’t load it as a file report (unlike Ambassador, for example). The code must be set up on a web server, and read from it.
File dependency diagram
This is a new report and it is distinct from the previous one. Instead of reporting the relations between classes or CIT, it focuses on relations between files. One file depends on another one when the definitions and the calls are separated : for example, one file holds the definitions, and the other makes usage of it. This means the second file can’t run without the first one.
Files establish relations between themselves using definitions : it includes classes relations, such as extension or calls, just as in the classes diagram. And it also includes constants and functions usage, and, of course, inclusions. This leads to a very intense network of dependencies.
To obtain this report, first run [an exakat audit], then execute the following command line :
php exakat.phar report -p <project_name> -format Filedependencies
php exakat.phar report -p <project_name> -format Filedependencieshtml
The resulting report is a file called ‘filedependencies.dot’, for the first style, and a folder called ‘dependencies’ for the second style, in the projects/<project_name>
folder.
The DOT file is best viewed with a graphviz viewer. From there, it may be turned into various formats, such as PNG, SVG or PDF.
The second diagram is an HTML diagram : it is usable from a browser. For security reasons, Chrome and Firefox (and others possibly), won’t load it as a file report (unlike Ambassador, for example). The code must be set up on a web server, and read from it.
PHP 7.4 readiness
We are now at PHP 7.4.0beta4 and the list of PHP 7.4 features is frozen.
This week, we reached 17 analysis dedicated to PHP 7.4.
For a new PHP version, two types of analysis are produced : one type is the incompatibility, which are collected in the CompatibilityPHP74 ruleset. Those analysis cover the block you may encounter while preparing to move to the new version. Those should be fixed before any migration.
The second type are the suggestions. Once you have cleared all the incompatibility, you may proceed to the new version, and start using the new features. Now, this step is often overlooked, as it is not mandatory : after all, the code still runs fine, otherwise, it would be incompatibility.
So, new features and upgrades are collected in the Suggestions ruleset. This rule set has no specific PHP version : it will suggest any modernisation of the code as long as it is now a PHP feature. So feel free to refactor your code with PHP 7.4 or PHP 5.4 features : it will both be more modern.
If you encounter a situation that is not reported in this list, report it to us on Twitter @exakat or github so we can add it to the list and help the community upgrade to PHP 7.4.
Exakat itself is now tested on PHP 7.4 since August, and may be used with the current beta 4. Until the general availability, the recommended version is still the PHP 7.3.x.
Under the hood : more detailed results
We have started a major refactoring of the way results are stored inside exakat, before being displayed in a report.
Currently, a rule applies to a code, and will designate a point in the code : an expression, a structure (such as function, class), in a file. This is the most common type of results, and currently the only one supported. For example, in `$x = $a + 2 + 0;’, exakat will report ‘2 + 0’ as an issue for Adding Zero rule.
Other types of results include :
- Inventories : they simply designate a type of code, without being an issue
- Networked results : such as class and file dependencies, those results are actually a cloud of nodes, with links. The node and the links are important here.
- Absence of : for example, Should Use session_regenerateid() detect the usage of sessions, but the absence of session_regenerateid(), which is the basic block for session security. This issue has no underlying expression, as it marks its absence. This needs a special result storage.
- Multiple parameter’s results : when reporting Unused Arguments, the method signature is currently reported. This makes more sense than focusing on the parameter itself (
$x
, without the method name), but is less precise when the method has 10 or more arguments. The solution is to report both method name and the argument, for display purposes.
By creating those new categories of results, we plan to upgrade the final results and allow them to follow different standards for better report writing.
The Weekly Audits: 2019, Week #35
Exakat includes a ‘weekly’ report: this report is built with a selection of five analyses. This means a short audit report, with few issues to review. This is not a lot to read them, and review them in your code. Everyone in the PHP community can focus on one of the classic coding problems and fix it. Talk about the weekly audit around you: you’ll find programmers facing the same challenges.
To obtain the ‘weekly’ audit, run an audit, and request the ‘Weekly’ report.
# Init the project (skip when it is already done)
php exakat.phar init -p <yourproject> -R https://github.com/Seldaek/monolog.git -git
# Run the project (skip when it is already done)
php exakat.phar project -p <yourproject>
# Export the weekly project (every Monday)
php exakat.phar report -p <yourproject> -format Weekly
# Open projects/<yourproject>/weekly/index.html in your browser
Every week, you can find here 5 new analysis to review in your code. In fact, when your code is clean, you can also take a quick look at the upcoming analysis.
Weekly recommendations for PHP code review : 2019, week 2019-35
- Could Use Try : Some commands may raise exceptions.
- Throw In Destruct : According to the manual, “Attempting to throw an exception from a destructor (called in the time of script termination) causes a fatal error.
- Avoid Real : PHP has two float data type : real and double.
- Undeclared Static Property : Use the right syntax when reaching a property.
- Access Protected Structures : It is not allowed to access protected properties or methods from outside the class or its relatives.
Happy PHP Code Reviews
All the 360 analyzers are presented in the docs, including the narcissic Could Use str_repeat(): : Use strrepeat() or strpad() instead of making a loop.
This is a unusual situation, with more than 12% of chance to appear.
You can check all of the Exakat reports at the gallery: exakat gallery.
Download Exakat on exakat.io, install it with Docker, upgrade it with ‘exakat.phar upgrade -u’ and like us on github.