Get up and running with exakat

Get up and running with exakat

Get up and running with exakat

Exakat is a smart static analysis engine for PHP. It reviews the code fast and produces reports tailored for every needs : issues and code smell for programmers, inventories and maps for architect ; compilation and configurations lists for sys admins ; dashboards for team leaders. Including over 320 analysis and spanning versions from 5.2 to currently WIP 7.2, it helps you audit your code and keep it under control. Let’s see how to get up and running exakat in 15 mins.

Advantages

  • Runs on any PHP version’s code source
  • Produces standalone reports
  • Produces machine readable reports
  • Open source

Installation process

The installation process has two phases : the exakat.phar binary, and the gremlin3-neo4j database.

This installation process is for linux-like OS. Other installation, using docker, vagrant or ansible are available in the docs.

Pre-requisites

At minimum exakat requires

  • One version of PHP 7.0+ to run. Install multiple versions if you have specifics, or want a wider range of reports.
  • Java 1.8 or more recent.
  • Maven (for installation purposes only)
  • A folder for your installation

Gremlin 3 installation

On Debian, run this in command line :

wget -sL https://raw.githubusercontent.com/exakat/gremlin3neo4j2/master/install.debian.sh | sh

You may read the actual script at the github address : it downloads neo4j, and gremlin 3, compiles it, and install it in the neo4j folder. This may take a minut or two of downloadings.

Exakat installation

Go to dist.exakat.io, and get the latest version.

wget -sL http://dist.exakat.io/index.php?file=exakat-0.11.5.phar -O exakat.phar
md5 exakat.phar 
php exakat.phar version


 ________                 __              _    
|_   __  |               [  |  _         / |_  
  | |_ \_| _   __  ,--.   | | / ]  ,--. `| |-' 
  |  _| _ [ \ [  ]`'_\ :  | '' <  `'_\ : | |   
 _| |__/ | > '  < // | |, | |`\ \ // | |,| |,  
|________|[__]`\_]\'-;__/[__|  \_]\'-;__/\__/                                                                               

Exakat : @ 2014-2017 Damien Seguy. 
Version : 0.11.5 - Build 582 - Tue, 30 May 2017 14:05:17 +0000

First step :

The first step is to run ‘doctor’ which checks that the current configuration is OK. It also creates some skeleton configs for your convenience.

php exakat.phar doctor

The default config is located in config/exakat.ini. You may review it to make sure it fits you. Among important directive, you may consider the following :

  • project_reports : the default list of reports to be produced.
  • php** : the available PHP versions. You may provide PHP by middle versions, from 5.2 to 7.2.
  • token_limit : the largest code base that exakat accepts to run. By default, it is 1000000, which is good for a test run.

First analysis with Exakat

First, get the code.

php exakat.phar init -p goutte -R  https://github.com/FriendsOfPHP/Goutte.git 

This command has two effects : initialize the project, and clone the code. Exakat only reads data : it requires a reading access to the code. It doesn’t write anything nor commit.

After initialization, run the audit :

Php exakat.phar project -p goutte

This command runs several operation : collects the files, ignores common librairies, check compilation, loads the data in the graph database, executes all the analysis and produces the expected reports. Progress bars are displayed along the way.

When it is done, the reports are available in ./projects/goutte/ folder. For example, with firefox, open the file :

file:///projects/goutte/report/index.html

More reports

More reports are available after production. For example, to get a list of directives for this particular project you may go to ‘Audit logs > Directive List’ in the above mentionned report. Or, get it as a file, with this command :

php exakat.phar report -p goutte -format PhpConfiguration -file php

You’ll find a php.ini-dist file in the ‘goutte’ folder, with all the suggested php.ini directives .

Updating the code source

When you’re ready to run a new audit on your code, or run a audit on new code, use the update command :

php exakat.phar -p goutte -v 
Git pull for goutte
No update available (Last commit : Tue Jan 3 05:21:43 2017 -0800)

Then, run the project command again.

Updating exakat

The installation process is only for the first time. Later, you may update exakat with the upgrade command :

php exakat.phar upgrade -v

This checks that your exakat.phar is up to date only. This is a dry-run by default. If you want to upgrade, use the -u option : then, exakat downloads the new version, and replaces itself.

Conclusion

Exakat installation takes less than 15 mins : the next review of your PHP code for compatibility, security or performance, is closer than you think. There are many information and aspects of the code hidden in the exakat reports : take your time to read them, and think about the best option to refactor them.

Follow us on twitter @exakat or on github

Tweet about this on TwitterShare on RedditShare on LinkedInEmail this to someone