Exakat 1.7.5 Review

Exakat 1.7.5 has been a lot of work behind the scenes. All containers, be they variables, arrays or properties, have been refactored to keep track of their usage. The Files/MissingInclude analysis was extended so that it can be configured with constants and variables. You code once, and when the Exakat 1.7.5 review is right, once is sufficient!

Configuring Inclusion Paths

Missing include is an analysis that searches for missing included files. 

<?php

include PATH . 'my_functions.php';

?>

Nowadays, class inclusions are organized with autoload, which loads classes as they are needed. This is convenient and efficient. 

There are still some direct inclusions in modern code. Templates, constants, configuration and function files must still be included manually in the PHP code, as no autoload() is available for them.

Generally, such inclusions are built with a path prefix, like in the above example. A constant or a global variable provides a root directory, from which the included files may be found. 

As for the analysis, constants and variables are not available to Exakat at auditing time. They typically live outside the source code, provided via config files in other formats (YAML, XML, JSON…) or via environment variables ($_ENV and getenv()). By default, paths that can’t be resolved are ignored, to reduce false positives.

With Exakat 1.7.5, you may configure values for those constants and variables. Those are replaced in the inclusion path during the analysis, and then, checked against the list of available files. 

Configuring Missing Include Analysis

To configure this analysis, open the file projects/<name>/config.ini. At the end of the config file, add the following lines:

Files_MissingInclude["HOME_DIR"] = "/tmp/classes/";
Files_MissingInclude["$MY_DIR"] = "/home/my/src/classes/";

Those two lines configure the Files/MissingInclude analysis with a constant and a variable. The constant’s name is HOME_DIR and its value is /tmp/classes/, while the variable’s name is $MY_DIR and its value is /home/my/src/classes/.

You may repeat this process as many times as you need, for both variables and constants. Those values will be replaced in the include paths of include, require and their _once cousins. When the final 

Configuring Other Analyses

Several analyses use parameters, like Files/MissingInclude. The full list is available in the documentation, in the Specific analyser configuration section.

In particular, Too Many Local Variables and Too Many Parameters

The Weekly Audits: 2019, Week #16

Exakat includes a ‘weekly’ report: this report is built with a selection of five analyses. This means a short audit report, with few issues to review. That is not a lot to read and review in your code. Everyone in the PHP community can focus on one of the classic coding problems and fix it. Talk about the weekly audit around you: you’ll find programmers facing the same challenges.

To obtain the ‘weekly’ audit, run an audit, and request the ‘Weekly’ report.

# Init the project (skip when it is already done)    
php exakat.phar init -p <yourproject> -R https://github.com/Seldaek/monolog.git -git 

# Run the project (skip when it is already done)    
php exakat.phar project -p <yourproject> 

# Export the weekly project (every monday)    
php exakat.phar report -p <yourproject> -format Weekly 

# Open projects/<yourproject>/weekly/index.html in your browser    

Every week, you can find here 5 new analyses to review in your code. In fact, when your code is clean, you can also take a quick look at the upcoming 

Weekly recommendations for PHP code review: 2019, week 2019-16

Happy PHP Code Reviews 

All the 351 analyzers are presented in the docs, including the honest: Should Yield With Key: iterator_to_array() will overwrite generated values with the same key. In particular, this applies when no key is provided in the yield.

It is a rare bug, that bites as hard as it is misunderstood.
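
An added example (not from the Exakat documentation) of the collision described above: two generators yield without keys and are merged with yield from, so their automatic keys 0 and 1 collide in iterator_to_array(). The function names and rule strings are constructed for illustration.

```php
<?php
// Added example: the rule names below are constructed sample data.

// Two hypothetical rule sources, each yielding values without a key,
// so each generator numbers its own values 0, 1, 2, ...
function coreDenyRules(): Generator {
    yield 'deny:/admin';
    yield 'deny:/backup';
}

function pluginDenyRules(): Generator {
    yield 'deny:/debug';
    yield 'deny:/.git';
}

// "yield from" preserves the inner generators' keys, so both sources
// hand out keys 0 and 1 to the consumer.
function allDenyRules(): Generator {
    yield from coreDenyRules();
    yield from pluginDenyRules();
}

// Default call preserves keys: later values overwrite earlier ones.
$lossy = iterator_to_array(allDenyRules());

// Passing false as second argument discards keys and reindexes.
$complete = iterator_to_array(allDenyRules(), false);

// Alternative fix at the source: yield explicit, unique keys.
function keyedDenyRules(): Generator {
    foreach ([coreDenyRules(), pluginDenyRules()] as $source => $rules) {
        foreach ($rules as $i => $rule) {
            yield "$source.$i" => $rule;
        }
    }
}
$keyed = iterator_to_array(keyedDenyRules());

// The core rules are silently gone from the key-preserving result.
assert($lossy === ['deny:/debug', 'deny:/.git']);
assert(count($complete) === 4);
assert(array_keys($keyed) === ['0.0', '0.1', '1.0', '1.1']);

printf("preserve keys: %d rules, reindexed: %d rules, keyed: %d rules\n",
    count($lossy), count($complete), count($keyed));
```

No warning or notice is raised for the lost entries, which is why the problem tends to surface only when a dropped value matters.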

You can check all of the Exakat reports at the gallery: exakat gallery.

Download Exakat on exakat.io, install it with Docker, upgrade it with ‘exakat.phar upgrade -u’ and like us on GitHub.