SlideShare a Scribd company logo

Perl-Critic

Jonas Brømsø
Jonas Brømsø

A short lightning talk rant on why you should use Perl::Critic as a supplemental tool to code/peer review

TechnologyArt & Photos
1 of 16
Download to read offline
Perl::Critic Why (and how) you should write your own Perl::Critic policies By @jonasbn for Nordic Perl Workshop 2013
this should have been: how (and why) but…
ENOTIME
So this is why and not so much how
• peer/code review is (by far IMHO) the best way to ensure quality, security and integrity of your code • exchange the word code for another term like product, deliverable, article, solution, creation aso. • Don’t you get these reviewed by your peers/ teachers/mentors/colleagues/spouse?
• peer/code reviewing is hard work • it is time consuming (AFK time) • not always understood or accepted by managers/peers (AFK time) • but so are meetings?? • it does take you out of your comfort zone (AFK?) • non-issue for open source developers
• The recommendation is that peer/code review sessions should not take longer that 2 hours • So lets make the most of these
• We do not want to waste time on unnecessary details • • curly braces, indentation, tabs vs. spaces We do not want to argue over unnecessary details during the review process • anti-patterns, common idioms, coding guidelines
• A true war story • malicious code got injected in our system as a POC by a security consultant • The problem was presented to security • The comment was that the attack was really creative • YES!
• Coding is done by humans and it is therefor very creative • Even attacks can be very creative • Too “creative” code can be hard to test, hard to debug and hard to maintain • We need to boost creativity to identify the above pitfalls • So in order to make room for this we let the machines take care of the trivial parts
Enter Perl::Critic
Perl::Critic • Perl::Critic policies are document based • Perl::Critic policies are simply Perl modules implementing a required interface • Perl::Critic is based on PPI (Parse Perl Isolated or I Parse Perl in reverse)
Tip 1 % ppidump
% tools/ppidump '$VERSION = "0.01";'! PPI::Document! PPI::Statement! [ 1, 1, 1 ] PPI::Token::Symbol '$VERSION'! [ 1, 10, 10 ] PPI::Token::Operator '='! [ 1, 12, 12 ] PPI::Token::Quote::Double '"0.01"'! [ 1, 18, 18 ] PPI::Token::Structure ';'
TODO • Formulate your coding guidelines • Implement Perl::Critic policies for your common anti-patterns and promoted patterns or coding style • Comply or Explain
• Your code/peer review sessions will add more value and can focus on what is important • You can unleash creativity and identify the hard issues related to security and integrity

Recommended

Stackato v6
Stackato v6Stackato v6
Stackato v6Jonas Brømsø
 
Devel::NYTProf v3 - 200908 (OUTDATED, see 201008)
Devel::NYTProf v3 - 200908 (OUTDATED, see 201008)Devel::NYTProf v3 - 200908 (OUTDATED, see 201008)
Devel::NYTProf v3 - 200908 (OUTDATED, see 201008)Tim Bunce
 
Automate Thyself
Automate ThyselfAutomate Thyself
Automate ThyselfOrtus Solutions, Corp
 
Testing Automaton - CFSummit 2016
Testing Automaton - CFSummit 2016Testing Automaton - CFSummit 2016
Testing Automaton - CFSummit 2016Ortus Solutions, Corp
 
Php Dependency Management with Composer ZendCon 2016
Php Dependency Management with Composer ZendCon 2016Php Dependency Management with Composer ZendCon 2016
Php Dependency Management with Composer ZendCon 2016Clark Everetts
 
DevOps Fest 2020. immutable infrastructure as code. True story.
DevOps Fest 2020. immutable infrastructure as code. True story.DevOps Fest 2020. immutable infrastructure as code. True story.
DevOps Fest 2020. immutable infrastructure as code. True story.Vlad Fedosov
 
Zend con 2016 bdd with behat for beginners
Zend con 2016 bdd with behat for beginnersZend con 2016 bdd with behat for beginners
Zend con 2016 bdd with behat for beginnersAdam Englander
 
Puppet Camp Atlanta 2014: DEV Toolsets for Ops (Beginner) -
Puppet Camp Atlanta 2014: DEV Toolsets for Ops (Beginner) - Puppet Camp Atlanta 2014: DEV Toolsets for Ops (Beginner) -
Puppet Camp Atlanta 2014: DEV Toolsets for Ops (Beginner) - Puppet
 

Recommended

Stackato v6
Stackato v6Stackato v6
Stackato v6Jonas Brømsø
 
Devel::NYTProf v3 - 200908 (OUTDATED, see 201008)
Devel::NYTProf v3 - 200908 (OUTDATED, see 201008)Devel::NYTProf v3 - 200908 (OUTDATED, see 201008)
Devel::NYTProf v3 - 200908 (OUTDATED, see 201008)Tim Bunce
 
Automate Thyself
Automate ThyselfAutomate Thyself
Automate ThyselfOrtus Solutions, Corp
 
Testing Automaton - CFSummit 2016
Testing Automaton - CFSummit 2016Testing Automaton - CFSummit 2016
Testing Automaton - CFSummit 2016Ortus Solutions, Corp
 
Php Dependency Management with Composer ZendCon 2016
Php Dependency Management with Composer ZendCon 2016Php Dependency Management with Composer ZendCon 2016
Php Dependency Management with Composer ZendCon 2016Clark Everetts
 
DevOps Fest 2020. immutable infrastructure as code. True story.
DevOps Fest 2020. immutable infrastructure as code. True story.DevOps Fest 2020. immutable infrastructure as code. True story.
DevOps Fest 2020. immutable infrastructure as code. True story.Vlad Fedosov
 
Zend con 2016 bdd with behat for beginners
Zend con 2016 bdd with behat for beginnersZend con 2016 bdd with behat for beginners
Zend con 2016 bdd with behat for beginnersAdam Englander
 
Puppet Camp Atlanta 2014: DEV Toolsets for Ops (Beginner) -
Puppet Camp Atlanta 2014: DEV Toolsets for Ops (Beginner) - Puppet Camp Atlanta 2014: DEV Toolsets for Ops (Beginner) -
Puppet Camp Atlanta 2014: DEV Toolsets for Ops (Beginner) - Puppet
 
2021laravelconftwslides6
2021laravelconftwslides62021laravelconftwslides6
2021laravelconftwslides6LiviaLiaoFontech
 
Zend Code in ZF 2.0
Zend Code in ZF 2.0Zend Code in ZF 2.0
Zend Code in ZF 2.0Ralph Schindler
 
Take your CFML Legacy Apps to Modernization
Take your CFML Legacy Apps to ModernizationTake your CFML Legacy Apps to Modernization
Take your CFML Legacy Apps to ModernizationOrtus Solutions, Corp
 
Ruby performance - The low hanging fruit
Ruby performance - The low hanging fruitRuby performance - The low hanging fruit
Ruby performance - The low hanging fruitBruce Werdschinski
 
Our Puppet Story (Linuxtag 2014)
Our Puppet Story (Linuxtag 2014)Our Puppet Story (Linuxtag 2014)
Our Puppet Story (Linuxtag 2014)DECK36
 
Taming the resource tiger
Taming the resource tigerTaming the resource tiger
Taming the resource tigerElizabeth Smith
 
Packaging perl (LPW2010)
Packaging perl (LPW2010)Packaging perl (LPW2010)
Packaging perl (LPW2010)p3castro
 
The Architect Way - JSCamp.asia 2012
The Architect Way - JSCamp.asia 2012The Architect Way - JSCamp.asia 2012
The Architect Way - JSCamp.asia 2012Jan Jongboom
 
A Taste of Pharo 7.0
A Taste of Pharo 7.0A Taste of Pharo 7.0
A Taste of Pharo 7.0ESUG
 
cf.Objective() 2017 - Design patterns - Brad Wood
cf.Objective() 2017 - Design patterns - Brad Woodcf.Objective() 2017 - Design patterns - Brad Wood
cf.Objective() 2017 - Design patterns - Brad WoodOrtus Solutions, Corp
 
Puppetizing Your Organization
Puppetizing Your OrganizationPuppetizing Your Organization
Puppetizing Your OrganizationRobert Nelson
 
Ansible, Idempotency, and Jenkins
Ansible, Idempotency, and JenkinsAnsible, Idempotency, and Jenkins
Ansible, Idempotency, and Jenkinstylerturk
 
Coldfusion
ColdfusionColdfusion
ColdfusionRam
 
Continuous integration of_puppet_code
Continuous integration of_puppet_codeContinuous integration of_puppet_code
Continuous integration of_puppet_codeDevoteam Revolve
 
Using PHP Functions! (Not those functions, Google Cloud Functions)
Using PHP Functions! (Not those functions, Google Cloud Functions)Using PHP Functions! (Not those functions, Google Cloud Functions)
Using PHP Functions! (Not those functions, Google Cloud Functions)Chris Tankersley
 
TYPO3 Camp Stuttgart 2015 - Continuous Delivery with Open Source Tools
TYPO3 Camp Stuttgart 2015 - Continuous Delivery with Open Source ToolsTYPO3 Camp Stuttgart 2015 - Continuous Delivery with Open Source Tools
TYPO3 Camp Stuttgart 2015 - Continuous Delivery with Open Source ToolsMichael Lihs
 
Php extensions
Php extensionsPhp extensions
Php extensionsElizabeth Smith
 
Life Beyond Rails: Creating Cross Platform Ruby Apps
Life Beyond Rails: Creating Cross Platform Ruby AppsLife Beyond Rails: Creating Cross Platform Ruby Apps
Life Beyond Rails: Creating Cross Platform Ruby AppsTristan Gomez
 
Asynchronous I/O in Python 3
Asynchronous I/O in Python 3Asynchronous I/O in Python 3
Asynchronous I/O in Python 3Feihong Hsu
 
Testing for Ops: Going Beyond the Manifest - PuppetConf 2013
Testing for Ops: Going Beyond the Manifest - PuppetConf 2013Testing for Ops: Going Beyond the Manifest - PuppetConf 2013
Testing for Ops: Going Beyond the Manifest - PuppetConf 2013Puppet
 
Google Places - Global Approach ISS 2012
Google Places - Global Approach ISS 2012Google Places - Global Approach ISS 2012
Google Places - Global Approach ISS 2012Lisa Myers
 
Nestholma Venture Accelerator_intro 2016-09-26
Nestholma Venture Accelerator_intro 2016-09-26Nestholma Venture Accelerator_intro 2016-09-26
Nestholma Venture Accelerator_intro 2016-09-26Antti Kosunen
 

More Related Content

What's hot

Take your CFML Legacy Apps to Modernization
Take your CFML Legacy Apps to ModernizationTake your CFML Legacy Apps to Modernization
Take your CFML Legacy Apps to ModernizationOrtus Solutions, Corp
 
Ruby performance - The low hanging fruit
Ruby performance - The low hanging fruitRuby performance - The low hanging fruit
Ruby performance - The low hanging fruitBruce Werdschinski
 
Our Puppet Story (Linuxtag 2014)
Our Puppet Story (Linuxtag 2014)Our Puppet Story (Linuxtag 2014)
Our Puppet Story (Linuxtag 2014)DECK36
 
Taming the resource tiger
Taming the resource tigerTaming the resource tiger
Taming the resource tigerElizabeth Smith
 
Packaging perl (LPW2010)
Packaging perl (LPW2010)Packaging perl (LPW2010)
Packaging perl (LPW2010)p3castro
 
The Architect Way - JSCamp.asia 2012
The Architect Way - JSCamp.asia 2012The Architect Way - JSCamp.asia 2012
The Architect Way - JSCamp.asia 2012Jan Jongboom
 
A Taste of Pharo 7.0
A Taste of Pharo 7.0A Taste of Pharo 7.0
A Taste of Pharo 7.0ESUG
 
cf.Objective() 2017 - Design patterns - Brad Wood
cf.Objective() 2017 - Design patterns - Brad Woodcf.Objective() 2017 - Design patterns - Brad Wood
cf.Objective() 2017 - Design patterns - Brad WoodOrtus Solutions, Corp
 
Puppetizing Your Organization
Puppetizing Your OrganizationPuppetizing Your Organization
Puppetizing Your OrganizationRobert Nelson
 
Ansible, Idempotency, and Jenkins
Ansible, Idempotency, and JenkinsAnsible, Idempotency, and Jenkins
Ansible, Idempotency, and Jenkinstylerturk
 
Coldfusion
ColdfusionColdfusion
ColdfusionRam
 
Continuous integration of_puppet_code
Continuous integration of_puppet_codeContinuous integration of_puppet_code
Continuous integration of_puppet_codeDevoteam Revolve
 
Using PHP Functions! (Not those functions, Google Cloud Functions)
Using PHP Functions! (Not those functions, Google Cloud Functions)Using PHP Functions! (Not those functions, Google Cloud Functions)
Using PHP Functions! (Not those functions, Google Cloud Functions)Chris Tankersley
 
TYPO3 Camp Stuttgart 2015 - Continuous Delivery with Open Source Tools
TYPO3 Camp Stuttgart 2015 - Continuous Delivery with Open Source ToolsTYPO3 Camp Stuttgart 2015 - Continuous Delivery with Open Source Tools
TYPO3 Camp Stuttgart 2015 - Continuous Delivery with Open Source ToolsMichael Lihs
 
Life Beyond Rails: Creating Cross Platform Ruby Apps
Life Beyond Rails: Creating Cross Platform Ruby AppsLife Beyond Rails: Creating Cross Platform Ruby Apps
Life Beyond Rails: Creating Cross Platform Ruby AppsTristan Gomez
 
Asynchronous I/O in Python 3
Asynchronous I/O in Python 3Asynchronous I/O in Python 3
Asynchronous I/O in Python 3Feihong Hsu
 
Testing for Ops: Going Beyond the Manifest - PuppetConf 2013
Testing for Ops: Going Beyond the Manifest - PuppetConf 2013Testing for Ops: Going Beyond the Manifest - PuppetConf 2013
Testing for Ops: Going Beyond the Manifest - PuppetConf 2013Puppet
 

What's hot (20)

2021laravelconftwslides6
2021laravelconftwslides62021laravelconftwslides6
2021laravelconftwslides6
 
Zend Code in ZF 2.0
Zend Code in ZF 2.0Zend Code in ZF 2.0
Zend Code in ZF 2.0
 
Take your CFML Legacy Apps to Modernization
Take your CFML Legacy Apps to ModernizationTake your CFML Legacy Apps to Modernization
Take your CFML Legacy Apps to Modernization
 
Ruby performance - The low hanging fruit
Ruby performance - The low hanging fruitRuby performance - The low hanging fruit
Ruby performance - The low hanging fruit
 
Our Puppet Story (Linuxtag 2014)
Our Puppet Story (Linuxtag 2014)Our Puppet Story (Linuxtag 2014)
Our Puppet Story (Linuxtag 2014)
 
Taming the resource tiger
Taming the resource tigerTaming the resource tiger
Taming the resource tiger
 
Packaging perl (LPW2010)
Packaging perl (LPW2010)Packaging perl (LPW2010)
Packaging perl (LPW2010)
 
The Architect Way - JSCamp.asia 2012
The Architect Way - JSCamp.asia 2012The Architect Way - JSCamp.asia 2012
The Architect Way - JSCamp.asia 2012
 
A Taste of Pharo 7.0
A Taste of Pharo 7.0A Taste of Pharo 7.0
A Taste of Pharo 7.0
 
cf.Objective() 2017 - Design patterns - Brad Wood
cf.Objective() 2017 - Design patterns - Brad Woodcf.Objective() 2017 - Design patterns - Brad Wood
cf.Objective() 2017 - Design patterns - Brad Wood
 
Puppetizing Your Organization
Puppetizing Your OrganizationPuppetizing Your Organization
Puppetizing Your Organization
 
Ansible, Idempotency, and Jenkins
Ansible, Idempotency, and JenkinsAnsible, Idempotency, and Jenkins
Ansible, Idempotency, and Jenkins
 
Coldfusion
ColdfusionColdfusion
Coldfusion
 
Continuous integration of_puppet_code
Continuous integration of_puppet_codeContinuous integration of_puppet_code
Continuous integration of_puppet_code
 
Using PHP Functions! (Not those functions, Google Cloud Functions)
Using PHP Functions! (Not those functions, Google Cloud Functions)Using PHP Functions! (Not those functions, Google Cloud Functions)
Using PHP Functions! (Not those functions, Google Cloud Functions)
 
TYPO3 Camp Stuttgart 2015 - Continuous Delivery with Open Source Tools
TYPO3 Camp Stuttgart 2015 - Continuous Delivery with Open Source ToolsTYPO3 Camp Stuttgart 2015 - Continuous Delivery with Open Source Tools
TYPO3 Camp Stuttgart 2015 - Continuous Delivery with Open Source Tools
 
Php extensions
Php extensionsPhp extensions
Php extensions
 
Life Beyond Rails: Creating Cross Platform Ruby Apps
Life Beyond Rails: Creating Cross Platform Ruby AppsLife Beyond Rails: Creating Cross Platform Ruby Apps
Life Beyond Rails: Creating Cross Platform Ruby Apps
 
Asynchronous I/O in Python 3
Asynchronous I/O in Python 3Asynchronous I/O in Python 3
Asynchronous I/O in Python 3
 
Testing for Ops: Going Beyond the Manifest - PuppetConf 2013
Testing for Ops: Going Beyond the Manifest - PuppetConf 2013Testing for Ops: Going Beyond the Manifest - PuppetConf 2013
Testing for Ops: Going Beyond the Manifest - PuppetConf 2013
 

Viewers also liked

Google Places - Global Approach ISS 2012
Google Places - Global Approach ISS 2012Google Places - Global Approach ISS 2012
Google Places - Global Approach ISS 2012Lisa Myers
 
Nestholma Venture Accelerator_intro 2016-09-26
Nestholma Venture Accelerator_intro 2016-09-26Nestholma Venture Accelerator_intro 2016-09-26
Nestholma Venture Accelerator_intro 2016-09-26Antti Kosunen
 
Anti-Advertisement
Anti-AdvertisementAnti-Advertisement
Anti-AdvertisementYunus Emre
 
Chapel 9 25 09
Chapel 9 25 09Chapel 9 25 09
Chapel 9 25 09Huisden
 
Copyright Presentation
Copyright PresentationCopyright Presentation
Copyright PresentationBeneg
 
Evaluation Question 1
Evaluation Question 1Evaluation Question 1
Evaluation Question 1Chris Burke
 
Host University And Advisor Ppt
Host University And Advisor PptHost University And Advisor Ppt
Host University And Advisor PptIREX
 
C:\fakepath\tour 2011 – first set up
C:\fakepath\tour 2011 – first set upC:\fakepath\tour 2011 – first set up
C:\fakepath\tour 2011 – first set upAngele Champigny
 
Portofoliu AIESEC Targu Mures 2009 Toamna
Portofoliu AIESEC Targu Mures 2009 ToamnaPortofoliu AIESEC Targu Mures 2009 Toamna
Portofoliu AIESEC Targu Mures 2009 ToamnaDianazaharia
 
Illustrations creatives
Illustrations creativesIllustrations creatives
Illustrations creativesalexinsomny
 
Presentazione HUSK
Presentazione HUSKPresentazione HUSK
Presentazione HUSKItaloblog
 

Viewers also liked (20)

Google Places - Global Approach ISS 2012
Google Places - Global Approach ISS 2012Google Places - Global Approach ISS 2012
Google Places - Global Approach ISS 2012
 
Nestholma Venture Accelerator_intro 2016-09-26
Nestholma Venture Accelerator_intro 2016-09-26Nestholma Venture Accelerator_intro 2016-09-26
Nestholma Venture Accelerator_intro 2016-09-26
 
Anti-Advertisement
Anti-AdvertisementAnti-Advertisement
Anti-Advertisement
 
Chapel 9 25 09
Chapel 9 25 09Chapel 9 25 09
Chapel 9 25 09
 
Sm Co Magnet
Sm Co MagnetSm Co Magnet
Sm Co Magnet
 
Copyright Presentation
Copyright PresentationCopyright Presentation
Copyright Presentation
 
Evaluation Question 1
Evaluation Question 1Evaluation Question 1
Evaluation Question 1
 
Downtown Ferndale Business Guide 2011
Downtown Ferndale Business Guide 2011Downtown Ferndale Business Guide 2011
Downtown Ferndale Business Guide 2011
 
Trompito 1
Trompito 1Trompito 1
Trompito 1
 
Host University And Advisor Ppt
Host University And Advisor PptHost University And Advisor Ppt
Host University And Advisor Ppt
 
C:\fakepath\tour 2011 – first set up
C:\fakepath\tour 2011 – first set upC:\fakepath\tour 2011 – first set up
C:\fakepath\tour 2011 – first set up
 
Customer Service by Jamie Haenggi
Customer Service by Jamie HaenggiCustomer Service by Jamie Haenggi
Customer Service by Jamie Haenggi
 
How the West was One Gold Rush Survival Kit
How the West was One Gold Rush Survival KitHow the West was One Gold Rush Survival Kit
How the West was One Gold Rush Survival Kit
 
Portofoliu AIESEC Targu Mures 2009 Toamna
Portofoliu AIESEC Targu Mures 2009 ToamnaPortofoliu AIESEC Targu Mures 2009 Toamna
Portofoliu AIESEC Targu Mures 2009 Toamna
 
Illustrations creatives
Illustrations creativesIllustrations creatives
Illustrations creatives
 
NEDMAInno14: How to Stand OUT from the Crowd on LinkedIn - Lew Sabbag
NEDMAInno14: How to Stand OUT from the Crowd on LinkedIn - Lew SabbagNEDMAInno14: How to Stand OUT from the Crowd on LinkedIn - Lew Sabbag
NEDMAInno14: How to Stand OUT from the Crowd on LinkedIn - Lew Sabbag
 
Projeto Apc Vivian
Projeto Apc VivianProjeto Apc Vivian
Projeto Apc Vivian
 
Morin
MorinMorin
Morin
 
Presentazione HUSK
Presentazione HUSKPresentazione HUSK
Presentazione HUSK
 
Prophecy
ProphecyProphecy
Prophecy
 

Similar to Perl-Critic

Technology for reduce of mistakes - うっかりをなくす技術
Technology for reduce of mistakes - うっかりをなくす技術Technology for reduce of mistakes - うっかりをなくす技術
Technology for reduce of mistakes - うっかりをなくす技術karupanerura
 
Software testing and quality assurance
Software testing and quality assuranceSoftware testing and quality assurance
Software testing and quality assuranceBenjamin Baumann
 
TDD - Seriously, try it! (updated '22)
TDD - Seriously, try it! (updated '22)TDD - Seriously, try it! (updated '22)
TDD - Seriously, try it! (updated '22)Nacho Cougil
 
ProdSec: A Technical Approach
ProdSec: A Technical ApproachProdSec: A Technical Approach
ProdSec: A Technical ApproachJeremy Brown
 
Capability Building for Cyber Defense: Software Walk through and Screening
Capability Building for Cyber Defense: Software Walk through and Screening Capability Building for Cyber Defense: Software Walk through and Screening
Capability Building for Cyber Defense: Software Walk through and Screening Maven Logix
 
Tester career path
Tester career pathTester career path
Tester career pathgaoliang641
 
TDD - Seriously, try it! - Trójmiasto Java User Group (17th May '23)
TDD - Seriously, try it! - Trójmiasto Java User Group (17th May '23)TDD - Seriously, try it! - Trójmiasto Java User Group (17th May '23)
TDD - Seriously, try it! - Trójmiasto Java User Group (17th May '23)ssusercaf6c1
 
TDD - Seriously, try it! - Trjjmiasto JUG (17th May '23)
TDD - Seriously, try it! - Trjjmiasto JUG (17th May '23)TDD - Seriously, try it! - Trjjmiasto JUG (17th May '23)
TDD - Seriously, try it! - Trjjmiasto JUG (17th May '23)Nacho Cougil
 
Babysitting your orm essenmacher, adam
Babysitting your orm essenmacher, adamBabysitting your orm essenmacher, adam
Babysitting your orm essenmacher, adamAdam Essenmacher
 
How I Learned to Stop Worrying and Love Legacy Code.....
How I Learned to Stop Worrying and Love Legacy Code.....How I Learned to Stop Worrying and Love Legacy Code.....
How I Learned to Stop Worrying and Love Legacy Code.....Mike Harris
 
Finding Needles in Haystacks
Finding Needles in HaystacksFinding Needles in Haystacks
Finding Needles in Haystackssnyff
 
What designers can learn from (code) review
What designers can learn from (code) reviewWhat designers can learn from (code) review
What designers can learn from (code) reviewIda Aalen
 
How To Use Selenium Successfully
How To Use Selenium SuccessfullyHow To Use Selenium Successfully
How To Use Selenium SuccessfullyDave Haeffner
 
TDD - Seriously, try it! - Bucarest Tech Week
TDD - Seriously, try it! - Bucarest Tech WeekTDD - Seriously, try it! - Bucarest Tech Week
TDD - Seriously, try it! - Bucarest Tech WeekNacho Cougil
 
Pair Programming Styles
Pair Programming StylesPair Programming Styles
Pair Programming StylesAttila Bertók
 
Dev ops ci-ap-is-oh-my_security-gone-agile_ut-austin
Dev ops ci-ap-is-oh-my_security-gone-agile_ut-austinDev ops ci-ap-is-oh-my_security-gone-agile_ut-austin
Dev ops ci-ap-is-oh-my_security-gone-agile_ut-austinMatt Tesauro
 
Topic production code
Topic production codeTopic production code
Topic production codeKavi Kumar
 

Similar to Perl-Critic (20)

Technology for reduce of mistakes - うっかりをなくす技術
Technology for reduce of mistakes - うっかりをなくす技術Technology for reduce of mistakes - うっかりをなくす技術
Technology for reduce of mistakes - うっかりをなくす技術
 
Software testing and quality assurance
Software testing and quality assuranceSoftware testing and quality assurance
Software testing and quality assurance
 
TDD - Seriously, try it! (updated '22)
TDD - Seriously, try it! (updated '22)TDD - Seriously, try it! (updated '22)
TDD - Seriously, try it! (updated '22)
 
ProdSec: A Technical Approach
ProdSec: A Technical ApproachProdSec: A Technical Approach
ProdSec: A Technical Approach
 
Enterprise PHP
Enterprise PHPEnterprise PHP
Enterprise PHP
 
Capability Building for Cyber Defense: Software Walk through and Screening
Capability Building for Cyber Defense: Software Walk through and Screening Capability Building for Cyber Defense: Software Walk through and Screening
Capability Building for Cyber Defense: Software Walk through and Screening
 
Tester career path
Tester career pathTester career path
Tester career path
 
TDD - Seriously, try it! - Trójmiasto Java User Group (17th May '23)
TDD - Seriously, try it! - Trójmiasto Java User Group (17th May '23)TDD - Seriously, try it! - Trójmiasto Java User Group (17th May '23)
TDD - Seriously, try it! - Trójmiasto Java User Group (17th May '23)
 
TDD - Seriously, try it! - Trjjmiasto JUG (17th May '23)
TDD - Seriously, try it! - Trjjmiasto JUG (17th May '23)TDD - Seriously, try it! - Trjjmiasto JUG (17th May '23)
TDD - Seriously, try it! - Trjjmiasto JUG (17th May '23)
 
Babysitting your orm essenmacher, adam
Babysitting your orm essenmacher, adamBabysitting your orm essenmacher, adam
Babysitting your orm essenmacher, adam
 
How I Learned to Stop Worrying and Love Legacy Code.....
How I Learned to Stop Worrying and Love Legacy Code.....How I Learned to Stop Worrying and Love Legacy Code.....
How I Learned to Stop Worrying and Love Legacy Code.....
 
Finding Needles in Haystacks
Finding Needles in HaystacksFinding Needles in Haystacks
Finding Needles in Haystacks
 
What designers can learn from (code) review
What designers can learn from (code) reviewWhat designers can learn from (code) review
What designers can learn from (code) review
 
Good behaviors
Good behaviorsGood behaviors
Good behaviors
 
How To Use Selenium Successfully
How To Use Selenium SuccessfullyHow To Use Selenium Successfully
How To Use Selenium Successfully
 
TDD - Seriously, try it! - Bucarest Tech Week
TDD - Seriously, try it! - Bucarest Tech WeekTDD - Seriously, try it! - Bucarest Tech Week
TDD - Seriously, try it! - Bucarest Tech Week
 
Pair Programming Styles
Pair Programming StylesPair Programming Styles
Pair Programming Styles
 
Dev ops ci-ap-is-oh-my_security-gone-agile_ut-austin
Dev ops ci-ap-is-oh-my_security-gone-agile_ut-austinDev ops ci-ap-is-oh-my_security-gone-agile_ut-austin
Dev ops ci-ap-is-oh-my_security-gone-agile_ut-austin
 
Tec314f
Tec314fTec314f
Tec314f
 
Topic production code
Topic production codeTopic production code
Topic production code
 

More from Jonas Brømsø

Using Jenkins for Continuous Integration of Perl components OSD2011
Using Jenkins for Continuous Integration of Perl components OSD2011 Using Jenkins for Continuous Integration of Perl components OSD2011
Using Jenkins for Continuous Integration of Perl components OSD2011 Jonas Brømsø
 

More from Jonas Brømsø (11)

Markdownlint
MarkdownlintMarkdownlint
Markdownlint
 
Mojolicious and REST
Mojolicious and RESTMojolicious and REST
Mojolicious and REST
 
Stackato v5
Stackato v5Stackato v5
Stackato v5
 
Stackato v4
Stackato v4Stackato v4
Stackato v4
 
Stackato v3
Stackato v3Stackato v3
Stackato v3
 
Stackato v2
Stackato v2Stackato v2
Stackato v2
 
Stackato
StackatoStackato
Stackato
 
Using Jenkins for Continuous Integration of Perl components OSD2011
Using Jenkins for Continuous Integration of Perl components OSD2011 Using Jenkins for Continuous Integration of Perl components OSD2011
Using Jenkins for Continuous Integration of Perl components OSD2011
 
Workflow NPW2010
Workflow NPW2010Workflow NPW2010
Workflow NPW2010
 
Test builder
Test builderTest builder
Test builder
 
Workflow Yapceu2010
Workflow Yapceu2010Workflow Yapceu2010
Workflow Yapceu2010
 

Recently uploaded

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 

Recently uploaded (20)

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 

Perl-Critic

  • 1. Perl::Critic Why (and how) you should write your own Perl::Critic policies By @jonasbn for Nordic Perl Workshop 2013
  • 2. this should have been: how (and why) but…
  • 4. So this is why and not so much how
  • 5. • peer/code review is (by far IMHO) the best way to ensure quality, security and integrity of your code • exchange the word code for another term like product, deliverable, article, solution, creation aso. • Don’t you get these reviewed by your peers/ teachers/mentors/colleagues/spouse?
  • 6. • peer/code reviewing is hard work • it is time consuming (AFK time) • not always understood or accepted by managers/peers (AFK time) • but so are meetings?? • it does take you out of your comfort zone (AFK?) • non-issue for open source developers
  • 7. • The recommendation is that peer/code review sessions should not take longer that 2 hours • So lets make the most of these
  • 8. • We do not want to waste time on unnecessary details • • curly braces, indentation, tabs vs. spaces We do not want to argue over unnecessary details during the review process • anti-patterns, common idioms, coding guidelines
  • 9. • A true war story • malicious code got injected in our system as a POC by a security consultant • The problem was presented to security • The comment was that the attack was really creative • YES!
  • 10. • Coding is done by humans and it is therefor very creative • Even attacks can be very creative • Too “creative” code can be hard to test, hard to debug and hard to maintain • We need to boost creativity to identify the above pitfalls • So in order to make room for this we let the machines take care of the trivial parts
  • 12. Perl::Critic • Perl::Critic policies are document based • Perl::Critic policies are simply Perl modules implementing a required interface • Perl::Critic is based on PPI (Parse Perl Isolated or I Parse Perl in reverse)
  • 14. % tools/ppidump '$VERSION = "0.01";'! PPI::Document! PPI::Statement! [ 1, 1, 1 ] PPI::Token::Symbol '$VERSION'! [ 1, 10, 10 ] PPI::Token::Operator '='! [ 1, 12, 12 ] PPI::Token::Quote::Double '"0.01"'! [ 1, 18, 18 ] PPI::Token::Structure ';'
  • 15. TODO • Formulate your coding guidelines • Implement Perl::Critic policies for your common anti-patterns and promoted patterns or coding style • Comply or Explain
  • 16. • Your code/peer review sessions will add more value and can focus on what is important • You can unleash creativity and identify the hard issues related to security and integrity