I’ve recently integrated static analysis tools into both my day job’s and CakePHP’s development process. Setting up static analysis tools is reasonably easy and can help you find problems before you even get to unit tests, or staging sites. They are also the ideal tool to help enforce coding standards, and best practices that can be checked by reading the code. There are a few different tools you can use and they all have different purposes. Depending on your project you may find all or some of them useful.
There are several tools for PHP, all with different purposes and goals. Using a mix will give you the most insight into your code from a variety of angles.
- PHP_CodeSniffer Is great for checking and enforcing coding standards. It provides a flexible system to create formatting and naming convention rules that can be output in a number of formats. There are code standards for a number of projects built-in, and if you love CakePHP, there is a CakePHP Codesniffer available.
- PHPCpd Is a tool published by Sebastian Bergman of PHPUnit fame. It analyzes your code and looks for duplicated content. It requires the code to be exactly the same though, so you can cheat by renaming variables. However, I still feel its a valuable tool as it runs quickly and removing blatent copy + paste is valuable in projects of all sizes.
- PHPDepend Measures your code in a number of ways and generates interesting software measurements like cyclomatic complexity, and coupling. I find the metrics it generates useful, but it is considerably slower than other tools so I don’t use it often.
- PHPMD Is a spin-off project of PHPDepend and provides a more user-friendly interface. It also measures cyclomatic complexity, and is helpful for finding sub-optimal code sections. Much like PHPDepend, I’ve found PHPMD a bit slow at times, so I don’t often use it.
- PHPLoc Another great tool published by Sebastian Bergman. It gives you summary information on the number of classes, methods, and constants. It also provides some averages on cyclomatic complexity. Its also considerably faster than PHPMD.
All of these tools can be installed with the
pear installer. To install
phpcpd you can do the following:
- pear config-set auto_discover 1
- pear channel-discover pear.phpunit.de
- pear install PHP_CodeSniffer
- pear install phpunit/phpcpd
- pear install phpunit/phploc
Once installed you can use them on your code:Show Plain Text
- phpcs --standard=CakePHP ./
- phpcpd ./
- phploc ./
Both will output the results on your terminal, and have options for other output formats that integrate with Jenkins much easier.
- npm install -g jshint
Once installed, you can use JsHint to check files for errors by calling the executable:Show Plain Text
- jshint webroot/js/app.js --config app/Config/jshint.config
I find having a jshint.config file lets me declare a bunch of common options I need in a project, and avoid having to repeat the same jshint options at the top of every file. JsHint also has options to support xml output which lets you integrate it with Jenkins. If you don’t want to use the xml output you can still integrate it with jenkins as jshint will exit
1 when the checks fail. This also makes it easy to integrate with other unix tools like
Now that you have a few tools installed, its time to integrate them into your development process, and track your progress against your new standards. One of the easiest ways to convert the output from these tools into something more visual is to use Jenkins. And in the next article, I’ll cover using Jenkins to track output from the various tools, and create a simple makefile to run all the tools at once.