yapc::na 2007 - an introduction to perl critic
If you can't read please download the document
TRANSCRIPT
PowerPoint Presentation
An Introduction To Perl Critic
YAPC::NA 2007
Houston, TX
Josh McAdams
What is Perl Critic?
- Think 'use warnings' or 'use strict' ... only more (or less)
- Why more? ... Perl Critic looks beyond mere syntatical correctness - for instance, are you using CamelCase sub names?
- Why less? ... Perl Critic doesn't actually compile your code - Your code is parsed as a 'document' thanks to PPI - Invalid code could possibly pass a critique
A Basic Example
Let's write some code...
#!/usr/bin/perl
print Roger That Houston\n;
... I told you it was basic
hello_houston.pl
A Basic Example
So, let's run perlcritic...
--(0)> perlcritic hello_houston.pl Code before strictures are enabled at line 3, column 1. See page 429 of PBP. (Severity: 5)
... what, we have problems already?
A Basic Example
What just happened?
--(0)> perlcritic hello_houston.pl Code before strictures are enabled at line 3, column 1. See page 429 of PBP. (Severity: 5)
It told us how bad our code is!and it complained about a violationand where to find more details on why what we did was wrong.We ran perlcritic
Perl Critic Policies
- What is Perl Critic judging our code on? ... Policies ... in this case TestingAndDebugging::RequireUseStrict
- What are Policies? ... rules that Perl Critic enforces ... Perl Critic is packaged with many ... they can be big things that can lead to bugs (our example) ... or little things that are mostly cosmetic ... found in the Perl::Critic::Policy namespace
- Who comes up with these Policies? ... the Perl Critic maintainers ... Perl Critic extension authors ... You... let's see an example of a cosmetic policy
A Cosmetic Example
Here's the code...
#!/usr/bin/perl
use strict;use warnings;
sub CamelCaseSub { print "Hey, I'm a CamelCase subroutine\n"; return;}
CamelCaseSub();
any bets on what the error is?
cosmetic_example.pl
A Cosmetic Example
So, let's run perlcritic...
--(0)> perlcritic cosmetic_example.pl cosmetic_example.pl source OK
... wow, we have great code!
A Cosmetic Example
Not so fast...
--(0)> perlcritic -severity 1 cosmetic_example.pl RCS keywords $Id$ not found at line 1, column 1. See page 441 of PBP. (Severity: 2)RCS keywords $Revision$, $HeadURL$, $Date$ not found at line 1, column 1. See page 441 of PBP. (Severity: 2)RCS keywords $Revision$, $Source$, $Date$ not found at line 1, column 1. See page 441 of PBP. (Severity: 2)No "VERSION" variable found at line 1, column 1. See page 404 of PBP. (Severity: 2)Mixed-case subroutine name at line 6, column 1. See page 44 of PBP. (Severity: 1)
... eek, what happened?
Policy Severities
- Who opened the flood gates? ... we did, by asking for a new severity
- What are severities? ... weights assigned to policies ... most severe violation = 5 ... least severe violation = 1
- Who assigns these severities? ... module authors ... if you disagree, you can change the severity
Severity Levels
- What are the severity levels?
5 = gentle (the only one checked by default) 4 = stern 3 = harsh 2 = cruel 1 = brutal
- When you request any severity you get all severities above that level- You can request a severity level by number or by name- It can be helpful to start examining your code at gentle and work your way down
Yet Another Example
Here's the code...
#!/usr/bin/perl
# $Id$
use strict;use warnings;use Config;
our $VERSION = 0.1;
print "Hipster\n" if $Config{'osname'} eq 'darwin';
any bets on what the error is?
yet_another_ex.pl
Yet Another Example
Just like we expected...
--(0)> perlcritic -brutal yet_another_ex.pl Postfix control "if" used at line 11, column 19. See pages 93,94 of PBP. (Severity: 2)
... but I like the postfix if?
Excluding Policies
We can selectively exclude policies...
--(0)> perlcritic -brutal -exclude \ ProhibitPostfixControls \ yet_another_ex.pltrailing_if.pl source OK
... better, but a PITA
Persistent Configuration
- How about making my preferences persistent? ... sure, just create a .perlcriticrc file
- .perlcriticrc? ... it's just a configuration file with your preferences ... basically an INI file format ... place it in your home directory ... or specify it on the command line
... let's see a file
Excluding Policies
Let's see the file...
--(0)> cat ~/.perlcriticrcexclude = ControlStructures::ProhibitPostfixControls
... okay, not much there, but it saves some typing
Excluding Policies
And it does the trick...
--(0)> perlcritic -brutal yet_another_ex.pl yet_another_ex.pl source OK
... there are other options though
Excluding Policies
Here's an alternative method...
--(0)> cat ~/.perlcriticrc[-ControlStructures::ProhibitPostfixControls]
... so, why one way or the other?
Excluding Policies
The 'exclude =' configuration gets ignored when the 'exclude' option is used on the command line
... also, what if 'if' is the only postfix operator I want?
Persistent Configuration
Pass arguments to the policy constructor...
--(0)> cat ~/.perlcriticrc[ControlStructures::ProhibitPostfixControls]allow = if
... let's check out a bigger example
Persistent Configuration
A more interesting configuration file...
--(0)> cat ~/.perlcriticrcseverity = 2top = 5exclude = Editor::RequireEmacsFileVariables
[ControlStructures::ProhibitPostfixControls]severity = 4allow = if unlesstheme = iffy
... themes?
Themes
- What are these themes you speak of? ... similar to tags or labels ... think del.icio.us ... themes classify Policies and allow them to be grouped together for purposes of running or excluding
- What are some common themes? core = the policies that come packaged with Perl Critic pbp = policies that apply to Perl Best Practices bugs = policies that typically indicate bugs in your code ... there are many/infinitely more, just look at the policy docs
Specifying Themes
Let's specify some themes to look for...
--(0)> perlcritic \ -theme '(pbp || (bugs && security)) && !cosmetic' \ trailing_if.pl trailing_if.pl source OK
... perlcritic -list shows all policies, themes and severities
One Time Exceptions
- What happens if I want to respect a policy, but for some reason can't in this one instance? ... for instance sub-classing DBI and overriding 'connect'...
package DBIxUseless;
use warnings;use strict;use base qw(DBI);
our $VERSION = 1;sub connect { return shift->SUPER::connect(@_) }
1;
... let's see what happens
One Time Exceptions
- Running perl critic
--(0)> perlcritic DBIxUseless.pm Subroutine name is a homonym for builtin function at line 9, column 1. See page 177 of PBP. (Severity: 4)
... I just can't help it though
A Pseudo-Solution
package DBIxUseless;
use warnings;use strict;use base qw(DBI);
our $VERSION = 1;
sub connect { ## no critic (ProhibitBuiltinHomonyms) return shift->SUPER::connect(@_) }
1;
Pseudo-pragma allows for you to turn off all or specific criticisms for individual lines of code
A Pseudo-Solution
#!/usr/bin/perl
use warnings;use strict;
## no critic (ProhibitPostfixControls)
print Hi\n if $^O eq 'darwin';print Hello\n if $^O =~ /win/i;
## use critic
It even works with blocks of code
... you can use theme names too
In Review
- That is Perl Critic in a nutshell ... the system consists of a bunch of policies ... that have a name ... and a severity ... and one (maybe zero) or more themes ... the system can be configured ... by selectively blocking off criticism for specific code ... by ignoring policies ... by changing the severity of policies ... by looking a specific themes ... by tweaking the policies ... severity ... themes ... configuration
... but you still have to remember to run perlcritic, unless
Criticism Pragma
package DBIxUseless;
use warnings;use strict;use base qw(DBI);use criticism;
our $VERSION = 1;sub connect { return shift->SUPER::connect(@_) }
1;
You can use the criticism pragma...
... scary!
Criticism Pragma
- The criticism pragma ... runs Perl Critic every time you run your code ... keeps you from having to remember to run perlcritic ... creates additional runtime overhead ... is easy to accidentally leave in your production code
... there has to be a better way
Test::Perl::Critic
use Test::Perl::Critic;
all_critic_ok();
- Test::Perl::Critic ... criticism in your test suite ... now when you run 'make test', you get Perl Critic ... but it's not good to distribute these test in public modules ... these should be for development only ... you don't want your modules not installing because of Perl Critic
In Review (again)
- Perl Critic is ... a highly-configurable static source code analyzer ... a tool to help you write better code ... a reminder of good coding practices ... an easily extendable system (see Wednesday's talk) ... a development aid, not a distribution dependency ... not a guarantee that you'll write quality code