Search by 
struggle-for-php / sfp-deptrac-builtin
Deptrac extension to enforce application on framework rule.
0.2.0
2023-03-18 02:27 UTC
Requires
- php: ~8.1.0 || ~8.2.0
- qossmic/deptrac-shim: ^1.0.2
Requires (Dev)
- bamarni/composer-bin-plugin: ^1.8
- laminas/laminas-coding-standard: ^2.4
- nikic/php-parser: ^4.13.2
- phpunit/phpunit: ^9.6
- psalm/plugin-phpunit: ^0.18.4
- squizlabs/php_codesniffer: ^3.7
- vimeo/psalm: ^5
README
PHP Web application on framework should not use network function like header().
But this rule is Implicit !.
This extension is attempted to find violate such rule.
Example
- examples/src/Action/UserShowAction.php includes
public function handle(ServerRequestInterface $request): ResponseInterface
{
\header('Location: http://www.example.com/');
}
$ cd examples/
$ ./vendor/bin/deptrac analyse
107/107 [▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓▓] 100%
----------- ----------------------------------------------------------------------------------
Reason Action
----------- ----------------------------------------------------------------------------------
Violation Foo\Action\UserShowAction must not depend on header() (Sending Raw HTTP)
/home/sasezaki/dev/sfp-deptrac-builtin/examples/src/Action/UserShowAction.php:20
----------- ----------------------------------------------------------------------------------
-------------------- -----
Report
-------------------- -----
Violations 1
Skipped violations 0
Uncovered 24
Allowed 48
Warnings 0
Errors 0
-------------------- -----
Q&A
-
Q. Why not use PHPCS
forbiddenFunctionNames?- A. IMO,
forbiddenFunctionNamesis only should be used for dangerous function (its own) or alias function. Reason of forbiddenheader()usage in application is layer problem.
- A. IMO,
-
Q. When called
header()with'Location: ..., then should be calledexit()on same scope, is it not ?- A. Maybe..
Inspired
This extension is developed inspired from this talk.