phan (new static analysis tool) is now voting on MediaWiki core

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

phan (new static analysis tool) is now voting on MediaWiki core

Legoktm
Hi!

Thanks to some awesome work by Erik Bernhardson, phan[1], a new static
analysis tool, is now voting[2] on MediaWiki core patches.

It's significantly more advanced than any of our other current tools,
and should help identify some types of errors. It uses PHP 7's AST to
process code, but is capable of analyzing PHP5 code.

There's documentation on mediawiki.org[3] about how it is currently
configured, and how to set it up locally. You'll need PHP 7 with the ast
extension to actually run phan. If that's not possible for your system,
you can rely on jenkins to run it for you.

[1] https://github.com/etsy/phan
[2] https://phabricator.wikimedia.org/T132636
[3] https://www.mediawiki.org/wiki/Continuous_integration/Phan

-- Legoktm

_______________________________________________
Wikitech-l mailing list
[hidden email]
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
Reply | Threaded
Open this post in threaded view
|

Re: phan (new static analysis tool) is now voting on MediaWiki core

Sam Wilson-2
This is brilliant! :-)

Is it possible now to add Phan to extensions' CI as well?


On 13 December 2016 at 10:41, Legoktm <[hidden email]> wrote:

> Hi!
>
> Thanks to some awesome work by Erik Bernhardson, phan[1], a new static
> analysis tool, is now voting[2] on MediaWiki core patches.
>
> It's significantly more advanced than any of our other current tools,
> and should help identify some types of errors. It uses PHP 7's AST to
> process code, but is capable of analyzing PHP5 code.
>
> There's documentation on mediawiki.org[3] about how it is currently
> configured, and how to set it up locally. You'll need PHP 7 with the ast
> extension to actually run phan. If that's not possible for your system,
> you can rely on jenkins to run it for you.
>
> [1] https://github.com/etsy/phan
> [2] https://phabricator.wikimedia.org/T132636
> [3] https://www.mediawiki.org/wiki/Continuous_integration/Phan
>
> -- Legoktm
>
> _______________________________________________
> Wikitech-l mailing list
> [hidden email]
> https://lists.wikimedia.org/mailman/listinfo/wikitech-l




--
User:SWilson (WMF) <https://meta.wikimedia.org/wiki/User:SWilson_(WMF)>
Community Tech
Fremantle, Western Australia
_______________________________________________
Wikitech-l mailing list
[hidden email]
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
Reply | Threaded
Open this post in threaded view
|

Re: phan (new static analysis tool) is now voting on MediaWiki core

Stas Malyshev
In reply to this post by Legoktm
Hi!

> There's documentation on mediawiki.org[3] about how it is currently
> configured, and how to set it up locally. You'll need PHP 7 with the ast
> extension to actually run phan. If that's not possible for your system,
> you can rely on jenkins to run it for you.

I wonder how hard would it be to add php7/phan to mediawiki-vagrant?

--
Stas Malyshev
[hidden email]

_______________________________________________
Wikitech-l mailing list
[hidden email]
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
Reply | Threaded
Open this post in threaded view
|

Re: phan (new static analysis tool) is now voting on MediaWiki core

Legoktm
In reply to this post by Sam Wilson-2
Hi,

On 12/12/2016 10:03 PM, Sam Wilson wrote:
> Is it possible now to add Phan to extensions' CI as well?

That's the next step :). Filed
<https://phabricator.wikimedia.org/T153039> for it.

-- Legoktm

_______________________________________________
Wikitech-l mailing list
[hidden email]
https://lists.wikimedia.org/mailman/listinfo/wikitech-l
Reply | Threaded
Open this post in threaded view
|

Re: phan (new static analysis tool) is now voting on MediaWiki core

Erik Bernhardson
Getting Phan voting is a great first step, but we need everyone's help to
improve the strictness of analysis we apply. For this initial rollout Phan
is only voting on critical errors. These are typically PHP fatal errors
like referencing a class that doesn't exist (missing use statement?) and
calling methods that don't exist (fat fingers? Incomplete refactor?).

I'll soon have merged a change that reduces the minimum error level from
critical to low, and adds a blacklist of all issue types that currently
exist. Please take a look at tests/phan/config.php and choose a type to
fix.  There is a comment with each item that says how many exist. Remove
the item from the blacklist, fix the issues, and get it merged to
strengthen the analysis we apply to all patches.

I should also note that Phan isn't trying to guarantee that code is
correct. It is trying to find code that is most likely to be incorrect.
There are occasionally false positives but that's life. A patch
implementing per line issue suppression is being worked on to address these.

On Dec 12, 2016 11:24 PM, "Legoktm" <[hidden email]> wrote:

> Hi,
>
> On 12/12/2016 10:03 PM, Sam Wilson wrote:
> > Is it possible now to add Phan to extensions' CI as well?
>
> That's the next step :). Filed
> <https://phabricator.wikimedia.org/T153039> for it.
>
> -- Legoktm
>
> _______________________________________________
> Wikitech-l mailing list
> [hidden email]
> https://lists.wikimedia.org/mailman/listinfo/wikitech-l
_______________________________________________
Wikitech-l mailing list
[hidden email]
https://lists.wikimedia.org/mailman/listinfo/wikitech-l