The quality of your code is as important as testing your application. Recently, we have seen multiple articles which hopefully helped you on your way to providing a more stable application. Today, we are going to have a closer look at SensioLabs Insight. If you used Symfony or Silex in the past, you are probably familiar with SensioLabs, since they are the main sponsor of the Symfony framework.
代码质量与测试应用程序一样重要。 最近,我们看到了多 篇文章 ,希望对您提供更稳定的应用程序有所帮助。 今天,我们将仔细研究SensioLabs Insight。 如果您过去使用过Symfony或Silex ,则您可能对SensioLabs很熟悉,因为它们是Symfony框架的主要赞助商。
SensioLabs Insight is a quality assurance tool which can be used to determine the quality of your code. You are probably already aware of QA tools like PHPMD, PHPCPD and PHPUnit, for example. Although SensioLabs Insight has some similar checks, it also does much more. Do note, however, that SensioLabs Insight does not run on your local environment, but rather as a service by SensioLabs.
SensioLabs Insight是一种质量保证工具,可用于确定代码的质量。 例如,您可能已经知道质量检查工具,例如PHPMD,PHPCPD和PHPUnit。 尽管SensioLabs Insight具有类似的检查功能,但它还有很多其他功能。 但是请注意,SensioLabs Insight并非在您的本地环境上运行,而是作为SensioLabs的一项服务运行。
As of this writing, it has 99 checkpoints it scans for. It scans for everything from simple things like var_dump() and TODO: within your code to security issues and performance flaws. You can see a complete list of what they analyze on this page.
在撰写本文时,它具有99个检查点进行扫描。 它扫描从var_dump()简单内容(如var_dump()和TODO:到安全性问题和性能缺陷的所有内容。 您可以在此页面上查看他们分析的完整列表。
In general, your PHP files will be checked. Next to that, it’s also capable of checking for malformed XML or YAML files, potential risks within HTML files and if your composer.lock is up to date. Since this tool is part of SensioLabs, it is of course capable of checking your Symfony and Silex projects. For these kinds of projects, extra checkpoints are added to see if the Symfony config.php file is removed and if the favicon has been changed. However, SensioLabs is also able to check your Laravel, Drupal or any general PHP project.
通常,将检查您PHP文件。 除此之外,它还能够检查格式错误的XML或YAML文件,HTML文件中的潜在风险以及您的composer.lock是否为最新。 由于此工具是SensioLabs的一部分,因此当然可以检查您的Symfony和Silex项目。 对于这些类型的项目,添加了额外的检查点以查看是否删除了Symfony config.php文件以及是否更改了图标图标。 但是,SensioLabs也可以检查您的Laravel,Drupal或任何常规PHP项目。
In the end, it’s a complete tool which probably reports more feedback to you than you would imagine at first. Let’s set up our first project and check out an analysis.
最后,它是一个完整的工具,可以向您报告比最初想象的更多的反馈。 让我们建立我们的第一个项目并检查分析。
Before we can analyse our first project, we need to create an account on SensioLabs Connect first. After that, we can prepare our project. If your project is open source and you don’t mind the analysis becoming public, you can freely use SensioLabs Insight. You are only limited to certain features which you an see on their pricing page. If you are working on a private project or you collaborate with other developers, you need to upgrade to a paid plan.
在分析第一个项目之前,我们需要首先在SensioLabs Connect上创建一个帐户。 之后,我们可以准备我们的项目。 如果您的项目是开源的,并且您不介意分析公开,则可以免费使用SensioLabs Insight。 您仅限于某些功能,这些功能可以在其定价页面上看到。 如果您正在处理一个私人项目或与其他开发人员合作,则需要升级到付费计划。
After you have chosen a plan, you can create a new project by providing a link to your private git repository or to any provider like Github or Bitbucket.
选择计划后,您可以通过提供指向私人git存储库或Github或Bitbucket等任何提供程序的链接来创建新项目。
After clicking the analyse button, SensioLabs Insight will immediately start to check your application for flaws.
单击分析按钮后,SensioLabs Insight将立即开始检查您的应用程序是否存在缺陷。
Let’s have a look at some analysis. For that, I am using an open source project named Jumph. Jumph is a Symfony 2 project which has already been around for a couple of months, so the example below is after already fine tuning the Symfony framework.
让我们看一下分析。 为此,我正在使用一个名为Jumph的开源项目。 Jumph是一个Symfony 2项目,已经开展了几个月,因此下面的示例是在对Symfony框架进行了微调之后。
SensioLabs Insight works with a medal system. Depending on how many issues are found and how heavy the issues are, you are given a certain medal. The best medal you can get is a platinum medal, indicating SensioLabs Insight was unable to detect any problems.
SensioLabs Insight可与奖牌系统配合使用。 根据发现的问题数量和问题的严重程度,您将获得一定的勋章。 您可以获得的最佳奖牌是白金牌,表明SensioLabs Insight无法检测到任何问题。
Based on the issues, it also tries to determine how much work you have left to complete the issues. In my case, it should take me more than 4 days to get everything resolved. From experience, I can tell you that it won’t take you that much time.
根据这些问题,它还会尝试确定您需要完成多少工作才能完成这些问题。 就我而言,解决所有问题都需要我超过4天的时间。 根据经验,我可以告诉您,它不会花费您太多时间。
Let’s move on the most important part: the issues. In my case, you will see that I’m modifying a resource through a GET request. SensioLabs Insight suggests to either change it to a POST, PUT or DELETE request.
让我们继续最重要的部分:问题。 就我而言,您将看到我正在通过GET请求修改资源。 SensioLabs Insight建议将其更改为POST,PUT或DELETE请求。
Next, you will see that SensioLabs found some duplicate code and TODO comments. Although TODO shouldn’t always be a problem, it clearly indicates your application is not completed yet.
接下来,您将看到SensioLabs找到了一些重复的代码和TODO注释。 尽管TODO并不总是一个问题,但它清楚地表明您的申请尚未完成。
What you will also notice is that Symfony is not up to date. Apparently, I am using an older version in my composer.lock file than the current release. In this case, I am using 2.3.16 while 2.3.17 is already available.
您还会注意到,Symfony不是最新的。 显然,我在composer.lock文件中使用的是比当前版本更旧的版本。 在这种情况下,我使用的是2.3.16,而2.3.17已经可用。
If you are interested in seeing where the problem is located, you can click on a certain issue which extends an additional information block.
如果您有兴趣查看问题的所在位置,则可以单击某个问题,该问题会扩展附加的信息块。
SensioLabs Insight clearly indicates in which file and on which line the problem can be found. You also get a clearer description of the problem. In the case of the outdated Symfony framework, there is just a description.
SensioLabs Insight明确指出了在哪个文件中以及哪一行上可以找到问题。 您还将获得更清晰的问题描述。 对于过时的Symfony框架,仅作说明。
If you are working as a team on a project, you can comment on the issue, allowing you to discuss the issue within your team. By clicking open issue, a new issue will be opened in your bug tracker, allowing you to report it to your team. If you feel the item is not an issue, you can easily ignore it. Do note however that you won’t get a platinum badge for ignoring issues.
如果您是团队中的一个项目,则可以对此问题发表评论,以便在团队内部讨论该问题。 通过单击open issue ,将在您的错误跟踪器中打开一个新问题,使您可以将其报告给您的团队。 如果您认为该项目不是问题,则可以轻松忽略它。 请注意,但是您不会因为忽略问题而获得白金徽章。
SensioLabs Insight can check for a lot more issues within your application. The best you can do is to try it out yourself. However, here you have a more extended report I received earlier, indicating my application has some serious issues to deal with.
SensioLabs Insight可以在您的应用程序中检查更多问题。 您能做的最好的就是自己尝试一下。 但是,在这里您有一份更广泛的报告,我先前收到的报告表明,我的申请有一些严重的问题要处理。
You will notice that SensioLabs Insight does some checks you know from other QA tools. For example, duplication of code can also be found by PHPCPD, where unused properties can be found by PHPMD. I am uncertain if SensioLabs Insight leans on these tools or implemented it themselves.
您会注意到,SensioLabs Insight会进行一些其他质量检查工具中已知的检查。 例如,PHPCPD也可以找到重复的代码,PHPMD可以找到未使用的属性。 我不确定SensioLabs Insight是依靠这些工具还是自己实施。
So far we just simply ran an analysis on our project. At some point, you might want to exclude certain tests, change branch or maybe use a database. You are able to configure your project so it meets your criteria. By editing the project, you can indicate the branch to use. You also have a special field in which you can configure in YAML format which tools you actually want to run.
到目前为止,我们只是对我们的项目进行了分析。 在某些时候,您可能想排除某些测试,更改分支或使用数据库。 您可以配置项目,使其符合您的条件。 通过编辑项目,您可以指示要使用的分支。 您还具有一个特殊字段,您可以在其中以YAML格式配置您实际要运行的工具。
For example, this is a piece of the configuration you can use to set up your project.
例如,这是您可以用来设置项目的一部分配置。
ignore_branches: - gh-pages pre_composer_script: | #!/bin/bash cp app/config/parameters.yml.dist app/config/parameters.yml sed -i -e "s/database_user:.*/database_user: root/" app/config/parameters.yml sed -i -e "s/database_password:.*/database_password: Secr3t/" app/config/parameters.yml post_composer_script: | #!/bin/bash ./app/console doctrine:database:create --no-interaction ./app/console doctrine:schema:create --no-interaction ./app/console doctrine:fixtures:load --no-interaction php_ini: | extension=openssl.so extension=mcrypt.so global_exclude_dirs: - vendor - vendors - test - tests - Tests - spec - features - Fixtures - DataFixtures exclude_patterns: - app/check.php - app/SymfonyRequirements.php - web/config.php - web/app_*.php rules: web.missing_robots_txt: enabled: trueIf you are currently developing an open source project, you can freely use SensioLabs Insight. There are some limitations like that you can only view the last 5 analyses for example. SensioLabs was generous enough to share a trial key with us, allowing you to test SensioLabs Insight for one month. All you need to do is register yourself, upgrade your package to either one you like and fill in SLI-LD-141S as the coupon code. All you need to do then is add a new project and check the first analysis it’s doing.
如果您当前正在开发一个开源项目,则可以免费使用SensioLabs Insight。 有一些限制,例如您只能查看最后5个分析。 SensioLabs足够慷慨地与我们共享试用密钥,使您可以测试SensioLabs Insight一个月。 您需要做的就是注册自己,将您的包装升级到您喜欢的一种,然后填写SLI-LD-141S作为优惠券代码。 然后,您需要做的就是添加一个新项目,并检查它正在进行的第一个分析。
If you read my PHP-CI review, you already noticed that I am really loving this tool. I believe it’s a welcome addition to all the QA tools we know. I think the power of the tool is mostly in the fact that it scans for particular frameworks issues. I can imagine many people forgot to delete some files from the standard Symfony framework, and this tool tracks such cases. However, I think it is also very useful for general PHP projects – there are many checks left unmentioned in this post which SensioLabs Insight will perform on your application.
如果您阅读我的PHP-CI评论,您已经注意到我真的很喜欢这个工具。 我相信这是我们所知道的所有质量检查工具的一个受欢迎的补充。 我认为该工具的强大之处在于,它可以扫描特定的框架问题。 我可以想象很多人忘记了从标准Symfony框架中删除某些文件,而该工具会跟踪这种情况。 但是,我认为它对于一般PHP项目也非常有用-这篇文章中有许多未提及的检查,SensioLabs Insight将在您的应用程序上执行这些检查。
If you are using the trial coupon code, share with us in the comments your experiences with SensioLabs Insight. Did it blow you away or did you immediately receive the platinum medal? I would love to hear from you in the comments below.
如果您使用的是试用优惠券代码,请在评论中与我们分享您使用SensioLabs Insight的经验。 它让您大吃一惊还是立即获得了白金牌? 我希望在下面的评论中听到您的意见。
翻译自: https://www.sitepoint.com/check-codes-quality-sensiolabs-insight/