Exakat 1.1.8 review After last week’s double-edition review, we needed some quiet time. This week, we upgraded the ‘Randomly sorted arrays’ analysis, added two new extensions and closed two nasty bugs. So, here it is, your moment to read the Exakat 1.1.8 review. Support for IBM Db2 and Leveldb ext/ibm_db2 is an interface to IBM […]
How to automate code review for the OWASP Top 10? The OWASP Top 10 needs no introduction: the Open Web Application Security Project is a non-profit organization that works for application security. The OWASP Top 10 lists application security risks. It was designed to […]
Exakat 1.1.7 review Exakat 1.1.7 and 1.1.6 are reviewed together this week. Two new reports are introduced: Stats and Fitting PHP version. Several new analyses are added: a suggestion to use array_fill_keys(), 4 new PHP extensions, and a classic TOCTOU problem. It is time to walk through the Exakat 1.1.7 review. New Stats and Fitting PHP […]
Exakat 1.1.5 review Exakat 1.1.5 has a few upgrades for the reports and several under-the-hood enhancements. Such updates are important, as they pave the way to more important future updates, though they are usually not visible. This week, we added a new security report based on OWASP, removed the old ‘Devoops’ report, upgraded […]
Exakat 1.1.4 review A new week, and an incredible harvest of PHP tricks. Some made it to the Exakat engine, so as to support the language handling; some made it to the analysis, so as to help us develop better. Tricks include array_keys’s extra parameters, unicode codepoint, constant scalar expressions and arrays (sic), dir . Let’s review […]
Exakat 1.1.3 review I always marvel at the power of small upgrades: improve 1% every day, and you’ll be 30 times better at the end of the year. Add a new analysis every week, and you’ll soon face 400 checks on your code. Since last review, we added the ‘Global Local Variable’ and the ‘Useless […]
Exakat 1.1.1 review With the new year 2018, we thought it was time to dive into a significant upgrade, and so we did. We changed the internal storage of tokens from strings to a dictionary: that means less memory consumption, fewer token manipulations and more speed. It also shifts complexity from one part of the application […]
PHP assertions and their usage PHP has a clever native debugging tool: the PHP assertions. In a nutshell, an assertion is a function call to assert() that triggers an error when a condition is not satisfied. <?php $a = 1; assert($a === 1, '$a is not 1'); assert($a === 2, '$a is not 1'); ?> Unlike debugging […]
Static analysis tools and their use On Tuesday, January 16, 2018, at 10:00 (CET), I am presenting a webinar devoted to static analysis tools and their use. Over 30 minutes, we cover the inner workings of an analysis engine and the code patterns it can identify. We will see how to use the impressive performance of static analysis in the […]
Exakat 1.0.11 review Happy new year 2018 to you all, code reviewers. The final versions of Exakat in 2017 were small upgrades: we took advantage of the end of the year to remove some bugs and finish some long-pending tasks. So, in the end, it is the most stable version of Exakat that starts […]