Exakat 1.7.1 review

Exakat 1.7.1 review

Exakat 1.7.1 Review

The Exakat 1.7.1 fixes the bugs reported from last week’s major upgrade. ‘Concentrated issues’ is a new section for the Ambassador report, which puts lines of code that collected the most errors. The Exakat engine also received an upgrade to support ‘Virtualproperty’. The Quality section reached 2900 UT tests (again). Every great code begins with the Exakat 1.7.1 review!

Concentrated issues

The Ambassador report (-format=Ambassador) has a new section that reports lines of code that collected five or more issues. In the example below, you can see the file name, the line number and the list of analysis that reported errors.


where in the code are the lines with the most issues

Exakat Concentrated issues : where in the code are the lines with the most issues


The count of error is the number of occurrences in total : some listed analysis has more than one occurrence. This is why the list in the analysis column has fewer than 25 elements : they are repeated. Here is the offending code :


addNotification($type='N', $title='Addon has been activated', $message=implode('<br>', $success), $state='U', $callbackOnClose='', $callbackReference='');

In particular, Buried assignation happens several times, since variables like $state are assigned at calltime. Documentation is available for each analysis that is reported.

Concentrated issues is a good start when you want to start reviewing code : more issues in the same line of code means

We also considered other concentrated areas : by blocks of line (several lines together), by method or by class. Ping us on slack or Twitter if you think it is useful, and we’ll include them in upcoming versions.

2900 Unit Tests

Exakat has covered the engine and the rule sets with unit tests. Those are crucial to avoid introducing regression without knowing about them. At the moment, there are 2900 tests, and 11194 assertions.

Every time the engine or an analysis is changed, the unit tests are run against the new code base and any deviation is diagnosed and removed.

In the same time, old analysis is refactored, using more modern approaches than the one they were built upon : as the engine evolves, an analysis may deprecate or be limited by the language they used. As long as the unit tests are still passing, refactoring is good. Those refactoring also trigger inspiration, and more tests are added. This shape the future of an analysis.

Unit tests for Exakat include two aspects. The first is the patterns we want to find in the code : this is classic for unit tests. The second one is the patterns we want not to find in the code. Note that the negation is on the second verb, ‘find’. We fight false positives with this second aspect, simply by adding tests that signal a situation that is not desirable.

Unit tests are run with PHPUnit, and they each include a piece of PHP code, as the input, and a list of wanted and unwanted patterns, from the code. There are always both those aspects in one unit test. We regularly check that unit tests are fresh, by removing the input code : all tests should then fail. Any test that pass without any code is refactored : this should not happen, unless for rare situations, such as reporting a whole file as an error.

There used to be more than 3000 unit tests, but they were moved to external extensions, and that reduced the number of tests in the main repository of Exakat. This was a dark day, since unit tests are always supposed to be more numerous, so we are now on a path to catch up!


Internally, Exakat prepares the PHP code by linking calls to members, constants and methods of a object with the definition. For example, there is a link between $this->p and private $p = 1; in the following code :

class foo {   
   private $p = 1;

   function foo() {     
      return $this->p;

Generally, it is recommended to always declare properties, as PHP uses those definitions to optimize memory allocation : it allocates memory en masse for the object. On the other hand, using an undefined property tends to require a last-minute memory allocation that slows PHP.

Also, having the definition makes it easier to move find all usages of a member, across methods and inherited classes. The definition acts as a central point, that leads to all usages. This is the base for analysis like Inconsistent Usage which spots members that are used as different types of data : string, array, object, while linked to the same class.

This is one of the special atoms that Exakat engine uses to define part of the code that are not explicitly available in PHP. Among others, there are the Sequence, which defines a string of expressions, separated by a semicolon, the Usetrait and Usenamespace, which are contextual versions of use expression, or Functioncall, which represents a call to a function.

The internals of the Exakat engine are documented online.

The Weekly Audits : 2019, Week #11

Exakat includes a ‘weekly’ report : this report is built with a selection of five analyses. This means a short audit report, with few issues to review. This is not a lot to read them, and review them in your code. Everyone in the PHP community can focus on one of the classic coding problems and fix it. Talk about the weekly audit around you : you’ll find programmers facing the same challenges.

To obtain the ‘weekly’ audit, run an audit, and request the ‘Weekly’ report.

# Init the project (skip when it is already done)    
php exakat.phar init -p <yourproject> -R https://github.com/Seldaek/monolog.git -git 

# Run the project (skip when it is already done)    
php exakat.phar project -p <yourproject> 

# Export the weekly project (every monday)    
php exakat.phar report -p <yourproject> -format Weekly 

# Open projects/<yourproject>/weekly/index.html in your browser    

Every week, you can find here 5 new analysis to review in your code. In fact, when your code is clean, you can also take a quick look at the upcoming

Weekly recommendations for PHP code review : 2019, week 12

Happy PHP Code Reviews

All the 356 analyzers are presented in the docs, including the representative : Or Die : it is the classic old style failed error management, that everyone learnt in the PHP manual.

It is an infrequent source of overwork in the code : 13% of applications are falling for this misguided type hint.

You can check all of the Exakat reports at the gallery: exakat gallery.

Download Exakat on exakat.io, install it with Docker, upgrade it with ‘exakat.phar upgrade -u’ and like us on github.