-*- org -*-
(using code from a stripped down version of ocamlnet)
(using code from ccss by dario teixeira)
- architecture/aspect layer (default one)
- static dead code layer
- dynamic live code layer (using xhprof data)
- test coverage layer (using phpunit and xdebug data)
- bugs layer
- security layer
- cyclomatic complexity,
- age (and activity) layer
- number of authors layer
can see arguments passed by refs visually (TakeArgNByRef) as well as functions containing dynamic calls (ContainDynamicCall)
can now visualize the result of a git grep on a project
use different color for dirs and files labels, and highlight first letter of label at depth = 1
a DSL to express easily refactoring on PHP.
on attributes
can now express patterns like: sgrep -e ‘foreach($A as $V) { if (strpos($T, $V) !== false) { return Z; }}’
so can visualize also Tex/Latex/Noweb source (which includes the documentation of pfff!)
- does it take argument by refs.
- does it contain dynamic calls ($fn(…))
This can help the visualizer to give more semantic visual feedback.
later in codemap or pfff_statistics
more highlight
wrote wiki pages (intro, sgrep, spatch, features, vision, roadmap, etc)
applied codemap on many open source project and generated screenshots.
thanks to literate programming and codemap itself to show the problem and assist in the refactoring
and put more generic stuff in h_program-lang/
first public release!
Real start of multi-language support.
Show treemap and thumbnails of file content! Have also minimap, zoom, labels, alpha for overlapping labels, labels in diagonal, anamorphic content showing in bigger fonts the important stuff, magnifying glass, clickable content where a click opens the file in your editor at the right place, etc. => A kind of google maps but on code :)
Support for PHP, Javascript, ML, C++, C, thrift.
For PHP do also URL highlighting which helps understand the control flow in webapps. Also highlight local/globals/parameters variables differently. Also highlight bad smells (especially security related bad smells)
Integrate other PL artifacts:
- The builtins API reference
- PLEAC cookbooks
=> a single place to query information about the code (no need to first grep the code, then google for the function because it turns out to be a builtin).
Can easily go the definition of a function (whether it’s a builtin or not, thanks to the parsable PHP manual and HPHP idl files).
Can easily go to the example of use of a function (whether it’s a builtin or not, thanks to PLEAC for the builtin functions).
Far more flexible and powerful than the previous treemap visualizer which was using Graphics. Now also render file content!
support linear patterns (e.g. sgrep -e ‘X & X’) and a -pvar option to print matched metavarables instead of matched code
Allow to use and experiment the treemap code visualizer on the pfff source itself; to see if such features are useful.
very basic support. Just highlighting
reorganized the treemap and h_program-lang/ to be less facebook and pfff specific. Have a commons/file_type.ml for instance.
introduce database_code.ml, a generic code-information database using JSON as support. Will help make pfff less php-specific.
warn about “unused variable” and “use of undefined variable”.
use fast global analysis (bonus: it’s flib-aware and desugar the require_module_xxx and other flib conventions).
a more precise TAGS file generator (bonus: it’s xhp-aware).
parsing/unparsing/dumping. preliminary refactoring support.
introduce PIL, PHP Intermediate Language, a more conveninent AST to work on for doing complex analysis such as dataflow, type-inference, tainted analysis, etc.
include/require analysis as well as flib-unsugaring. Make it possible to grab all the files needed to check one file, in a way similar to what gcc does with cpp. Provide a DFS and BFS algo.
used by arc unit.
rank, filter, parallelize (using MPI), cronize.
fix parsing (lexer) and unparsing bugs
introduce the transfo field, mimicing part of coccinelle.
improve support for XHP and refactoring, merging tokens heuristic.
extract and modularize code from reaper
extract code from facebook/qa_code into analyze_php/qa_code
dead variables/typo detection
static method calls analysis (with self/parent special cases handling)
more work on include/require, now stored in the database. better environment handling (PHP_ROOT, THRIFT_ROOT, etc)
more work on builtins, needed by checkModule
users_of_class, users_of_define, extenders/implementers of class
fix bugs in lexer
now can parse <?= code
split analyze_php/ in multiple dirs moved code from facebook/ to analyze_php/
started to use OUnit.ml !
unit tests for parsing, analysis, deadcode, callgraph, xdebug
extract and modularize php highlighting logic from gtk gui.
started integrate treemap and web gui.
dead sitevars analysis update: not used
static arrays lint checks
proto of undeterministic PHP bugs finder using diff and xdebug
proto for flib dependencies display
with
- test_rank,
- cyclomatic complexity,
- test_smells,
- email annotations and notifications
- output results via R
and tools/phpunit.ml update: supersed by ‘t’
but for now very rudimentary update: not used for now
control flow graph analysis: useful for cyclomatic complexity, and potentially useful or far more things (sgrep, dataflow, etc)
start of dataflow analysis
start of coverage analysis (static and dynamic)
start of include_require static analysis (and flib file dependencies too)
start of type unioning
used by fb_phpunit_wrap
useful to get local regression information on tests.
updated the deadcode reaper, fb_phpunit_wrap, and pfff_db to analyze the current code
more xdebug parsing
reorganized facebook/ with fb_common/www.ml, etc and fb_org/fb_employee.ml, etc
reorganized json/sexp output, factorize code and use more ocaml.ml
Can now do dynamic analysis! Done for type “inference/extraction”.
trivial type inference feedback based on xdebug info update: not really used for now
could be useful at some point for better type checking or type inference update: not sure for now
by source-to-source transformation.
now I can code in PHP :)
with map_php.ml. Used by ppp and closure implemetation.
- a -emacs flag
- improved -xhp and made it the default operating mode
- do fixpoint analysis per file
a code matcher working at the AST level
update: superseded by cairo-based viewer (but reused most of the algorithms)
first part (with its literate programming manual)
update: superseded by web gui
XHP poor’s man support. Just have A new -pp option to give opportunity to call a preprocessor (eg ‘xhpize -d’).
a new -json option and json support
also supported in sgrep.
programmer manual for parsing_php/ internals manual for parsing_php/
!!use literate programming method (via noweb/syncweb)!! (hence the special marks in the source)
callgraph for methods (using weak heuristic), with optimisations to scale (partially because use weak heuristic)
deadcode analysis v2, v3, v4 diffcamp/facebook integration (via mysql and git)
ORM for mysql (using camlmix) Mysql support (with ocamlmysql/) note: for diffcamp/facebook integration
IRC support (adapting ocamlirc/) update: not used anymore
complement git.ml
deadcode analysis v1
update: superseded by codemap, a fancy gui using cairo and gtk
reused Zend flex/bison code.