Another week, another set of features for Exakat 1.3. This week we worked on the local idioms: the Ambassador audit now reports the fight between strict and relaxed comparison, along with > or < preference. Also, we sped up the processing a bit, by moving the internal structure. Finally, git will fail silently if credentials are necessary. All in all, an excellent Exakat 1.3.2 review.
Git fails silently when credentials fail
Those were two interesting bits of learning last week. First, git supports an environment variable called
GIT_TERMINAL_PROMPT. When set to 0, git will avoid asking the username and the password if the remote server asks for it : it will simply fail with an error, that Exakat can catch. This allows for a smoother batch processing of Exakat, when you have to handle several projects in a row.
The second bit of learning is the important
config.ini file. Each project, stored in the
projects folder has a
config.ini file. This is where the initial information about the code location are stored. In case you need to update it, there is
project_url which handles the projects URI, including login and password.
You may also change various configurations for the project itself, including the special configuration directives. Those allow some of the analysis to be adapted, case to case. They are listed in the Specific analyser configurations and in each rules’ documentation. For example, Too many local variables is one rule you may want to update.
The local PHP idiom
With its vast array of features and functions, PHP is so vast that no one speaks it fluently and plainly. Depending on the personality of your team and your projects, its history, you may favor some specific features over others.
Examples are legions. They may easily start a trenches war between the ones who like
echo, the ones who prefer
printf or any contemplating system.
Although they all provide small advantages over the competition, it is nearly impossible to convince anyone about it. In fact, however we (and I) wouldn’t change our opinion, it happens that we happily adopt any local convention as soon as they are important enough to keep the harmony in the team.
The main problem is often to discover those common practices. And this is why Exakat offers a whole section to them. You’ll find them in the
Favorites sections, also known as the local idiom.
There, you’ll find over 20 different idioms reported. There may be three situations, when looking at the pie chart. Let’s say we look at
strict versus relaxed comparison.
Exakat checks the code for any usage of
!==. It split them between
strict, then checks the ratio.
strictis over 90%, then
relaxedis not the standard. All
relaxedusage is considered a violation and is reported as such.
relaxedis over 90%, then
strictis not the standard. All
strictusage is considered a violation and is reported as such. This is the exact contrary to the above.
- Finally, if the ratio is anywhere between 90 % and 10%, then the situation is not settled enough to be important. Either this choice was not made, or it is still being worked on: the ratio is presented and you may simply look at it and ‘bah’ it.
Those pie chart are definitely interesting to visit when starting with a new piece of code: those conventions and practices are the personality, and you’d better adopt it unless you like running into a beehive.
Speed up the engine
We’ve been working on several fronts to speed up the engine. You may notice that some early analysis disappeared : they used to provide some inventories, like integers or strings, which are now collected by other means. That means less work for the database.
The slower analysis are also being refactored, now that the underlying engine provides more infrastructures. For example, nowadays Functioncalls are directly linked to their definitions, making checks on arguments easier to do.
Happy PHP code reviews
All the 352 analyzers are presented in the docs, including the thoughtless Use === null : it is faster to use === null instead of is_null(). Although this is a micro-optimization, given the amount of usage of this function (top 30 of all PHP functions and its usage in loops, it probably yields more than little. Besides it is a common bug : 48% applications are vulnerable.
You can check all of the exakat reports at the gallery: exakat gallery.