GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects â†’ scheb â†’ Tombstone

scheb / Tombstone

Licence: mit
Dead code detection with tombstones for PHP ðŸŠĶ🧟

Labels

static-code-analysis

Projects that are alternatives of or similar to Tombstone

Abaplint
Standalone linter for ABAP
Stars: ✭ 111 (-35.47%)
Mutual labels:  static-code-analysis
Tip
Static program analysis for TIP
Stars: ✭ 140 (-18.6%)
Mutual labels:  static-code-analysis
Walkmod Core
walkmod: an open source tool to fix coding style issues
Stars: ✭ 153 (-11.05%)
Mutual labels:  static-code-analysis
Grepbugs
A regex based source code scanner.
Stars: ✭ 118 (-31.4%)
Mutual labels:  static-code-analysis
I18n Tasks
Manage translation and localization with static analysis, for Ruby i18n
Stars: ✭ 1,748 (+916.28%)
Mutual labels:  static-code-analysis
Bento
[DEPRECATED] Find Python web-app bugs delightfully fast, without changing your workflow. ðŸą
Stars: ✭ 147 (-14.53%)
Mutual labels:  static-code-analysis
Drek
A static-code-analysis tool for performing security-focused code reviews. It enables an auditor to swiftly map the attack-surface of a large application, with an emphasis on identifying development anti-patterns and footguns.
Stars: ✭ 103 (-40.12%)
Mutual labels:  static-code-analysis
Phpstan Deprecation Rules
PHPStan rules for detecting usage of deprecated classes, methods, properties, constants and traits.
Stars: ✭ 160 (-6.98%)
Mutual labels:  static-code-analysis
Sonar Pmd
☕ïļ PMD Plugin for SonarQube
Stars: ✭ 139 (-19.19%)
Mutual labels:  static-code-analysis
Tajs
Type Analyzer for JavaScript
Stars: ✭ 150 (-12.79%)
Mutual labels:  static-code-analysis
Feram
Feram finds & fixes bugs in your commits
Stars: ✭ 122 (-29.07%)
Mutual labels:  static-code-analysis
Owasp Orizon
Owasp Orizon is a source code static analyzer tool designed to spot security issues in Java applications.
Stars: ✭ 130 (-24.42%)
Mutual labels:  static-code-analysis
Wpbullet
A static code analysis for WordPress (and PHP)
Stars: ✭ 148 (-13.95%)
Mutual labels:  static-code-analysis
Nsdepcop
NsDepCop is a static code analysis tool that helps to enforce namespace dependency rules in C# projects. No more unplanned or unnoticed dependencies in your system.
Stars: ✭ 114 (-33.72%)
Mutual labels:  static-code-analysis
Cflint
Static code analysis for CFML (a linter)
Stars: ✭ 156 (-9.3%)
Mutual labels:  static-code-analysis
Phpstan
PHP Static Analysis Tool - discover bugs in your code without running it!
Stars: ✭ 10,534 (+6024.42%)
Mutual labels:  static-code-analysis
Rubocop
A Ruby static code analyzer and formatter, based on the community Ruby style guide.
Stars: ✭ 11,593 (+6640.12%)
Mutual labels:  static-code-analysis
Infer
A static analyzer for Java, C, C++, and Objective-C
Stars: ✭ 12,823 (+7355.23%)
Mutual labels:  static-code-analysis
Coveragechecker
Allows old code to use new standards
Stars: ✭ 159 (-7.56%)
Mutual labels:  static-code-analysis
Perl Critic
The leading static analyzer for Perl. Configurable, extensible, powerful.
Stars: ✭ 149 (-13.37%)
Mutual labels:  static-code-analysis
View All Similar Projects ➔

scheb/tombstone

Implements the concept of tombstones for dead code detection in PHP.

The library provides you with a toolbox to place, track and evaluate tombstones in your code.

Build Status Scrutinizer Code Quality Code Coverage Latest Stable Version Monthly Downloads Total Downloads License

Logo

What are Tombstones?

To get the basic idea, watch David Schnepper's 5 minute talk from Velocity Santa Clara 2014.

Tombstone Youtube Video

When you want to identify and clean-up dead code in a project, static code analysis tools are the weapon of choice. But these tools have some limitations, especially in a dynamic language like PHP:

  • They can only tell you, if a piece of code is referenced, not if it's actually used
  • They cannot resolve dynamic or generated call paths

Tombstones provide a way to track if a piece of code is actually invoked. They are executable markers in your code, that you can place where you suspect dead code. Then, you collect tombstone invocations on production. After a while, the logs will tell you, which tombstones are dead and which ones aren't (the so called "vampires").

Installation

The library consists of multiple components, that need to be installed and configured independently:

Read how to install scheb/tombstone-logger for placing and logging tombstones in your code.

Read how to install scheb/tombstone-analyzer, which takes log data from scheb/tombstone-logger to generate reports in various formats. For example an HTML report:

Dashboard view Code view

Security

For information about the security policy and know security issues, see SECURITY.md.

Contributing

Want to contribute to this project? See CONTRIBUTING.md.

License

This software is available under the MIT license.

Acknowledgments

The library is heavly inspired by Nestoria.com's implementation of the tombstone concept.

Thanks to Jordi Boggiano for creating Monolog, from where I lend the handler/formatter concept.

The tombstone graphic is based on a licensed illustration by "lemonadeserenade".

Support Me

I'm developing this library since 2015. I love to hear from people using it, giving me the motivation to keep working on my open source projects.

If you want to let me know you're finding it useful, please consider giving it a star ⭐ on GitHub.

If you love my work and want to say thank you, you can help me out for a beer ðŸŧïļ via PayPal.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].