An Introduction To Perl Critic YAPC::NA 2007 Houston, TX Josh McAdams

What is Perl Critic? - Think 'use warnings' or 'use strict' ... only more (or less) - Why more? ... Perl Critic looks beyond mere syntatical correctness - for instance, are you using CamelCase sub names? - Why less? ... Perl Critic doesn't actually compile your code - Your code is parsed as a 'document' thanks to PPI - Invalid code could possibly pass a critique

A Basic Example Let's write some code... #!/usr/bin/perl print “Roger That Houston
”; ... I told you it was basic hello_houston.pl

A Basic Example So, let's run perlcritic... --(0)> perlcritic hello_houston.pl Code before strictures are enabled at line 3, column 1. See page 429 of PBP. (Severity: 5) ... what, we have problems already?

A Basic Example What just happened? --(0)> perlcritic hello_houston.pl Code before strictures are enabled at line 3, column 1. See page 429 of PBP. (Severity: 5) It told us how bad our code is! and it complained about a violation and where to find more details on why what we did was wrong. We ran perlcritic

Perl Critic Policies - What is Perl Critic judging our code on? ... Policies ... in this case TestingAndDebugging::RequireUseStrict - What are Policies? ... rules that Perl Critic enforces ... Perl Critic is packaged with many ... they can be big things that can lead to bugs (our example) ... or little things that are mostly cosmetic ... found in the Perl::Critic::Policy namespace - Who comes up with these Policies? ... the Perl Critic maintainers ... Perl Critic extension authors ... You ... let's see an example of a cosmetic policy

A Cosmetic Example Here's the code... #!/usr/bin/perl use strict; use warnings; sub CamelCaseSub { print "Hey, I'm a CamelCase subroutine
"; return; } CamelCaseSub(); any bets on what the error is? cosmetic_example.pl

A Cosmetic Example So, let's run perlcritic... --(0)> perlcritic cosmetic_example.pl cosmetic_example.pl source OK ... wow, we have great code!

A Cosmetic Example Not so fast... --(0)> perlcritic -severity 1 cosmetic_example.pl RCS keywords $Id$ not found at line 1, column 1. See page 441 of PBP. (Severity: 2) RCS keywords $Revision$, $HeadURL$, $Date$ not found at line 1, column 1. See page 441 of PBP. (Severity: 2) RCS keywords $Revision$, $Source$, $Date$ not found at line 1, column 1. See page 441 of PBP. (Severity: 2) No "VERSION" variable found at line 1, column 1. See page 404 of PBP. (Severity: 2) Mixed-case subroutine name at line 6, column 1. See page 44 of PBP. (Severity: 1) ... eek, what happened?

Policy Severities - Who opened the flood gates? ... we did, by asking for a new severity - What are severities? ... weights assigned to policies ... most severe violation = 5 ... least severe violation = 1 - Who assigns these severities? ... module authors ... if you disagree, you can change the severity

Severity Levels - What are the severity levels? 5 = gentle (the only one checked by default) 4 = stern 3 = harsh 2 = cruel 1 = brutal - When you request any severity you get all severities above that level - You can request a severity level by number or by name - It can be helpful to start examining your code at gentle and work your way down

Yet Another Example Here's the code... #!/usr/bin/perl # $Id$ use strict; use warnings; use Config; our $VERSION = 0.1; print "Hipster
" if $Config{'osname'} eq 'darwin'; any bets on what the error is? yet_another_ex.pl

Yet Another Example Just like we expected... --(0)> perlcritic -brutal yet_another_ex.pl Postfix control "if" used at line 11, column 19. See pages 93,94 of PBP. (Severity: 2) ... but I like the postfix if?

Excluding Policies We can selectively exclude policies... --(0)> perlcritic -brutal -exclude ProhibitPostfixControls yet_another_ex.pl trailing_if.pl source OK ... better, but a PITA

Persistent Configuration - How about making my preferences persistent? ... sure, just create a .perlcriticrc file - .perlcriticrc? ... it's just a configuration file with your preferences ... basically an INI file format ... place it in your home directory ... or specify it on the command line ... let's see a file

Excluding Policies Let's see the file... --(0)> cat ~/.perlcriticrc exclude = ControlStructures::ProhibitPostfixControls ... okay, not much there, but it saves some typing

Excluding Policies And it does the trick... --(0)> perlcritic -brutal yet_another_ex.pl yet_another_ex.pl source OK ... there are other options though

Excluding Policies Here's an alternative method... --(0)> cat ~/.perlcriticrc [-ControlStructures::ProhibitPostfixControls] ... so, why one way or the other?

Excluding Policies The 'exclude =' configuration gets ignored when the 'exclude' option is used on the command line ... also, what if 'if' is the only postfix operator I want?

Persistent Configuration Pass arguments to the policy constructor... --(0)> cat ~/.perlcriticrc [ControlStructures::ProhibitPostfixControls] allow = if ... let's check out a bigger example

Persistent Configuration A more interesting configuration file... --(0)> cat ~/.perlcriticrc severity = 2 top = 5 exclude = Editor::RequireEmacsFileVariables [ControlStructures::ProhibitPostfixControls] severity = 4 allow = if unless theme = iffy ... themes?

Themes - What are these themes you speak of? ... similar to tags or labels ... think del.icio.us ... themes classify Policies and allow them to be grouped together for purposes of running or excluding - What are some common themes? core = the policies that come packaged with Perl Critic pbp = policies that apply to Perl Best Practices bugs = policies that typically indicate bugs in your code ... there are many/infinitely more, just look at the policy docs

Specifying Themes Let's specify some themes to look for... --(0)> perlcritic -theme '(pbp || (bugs && security)) && !cosmetic' trailing_if.pl trailing_if.pl source OK ... perlcritic -list shows all policies, themes and severities

One Time Exceptions - What happens if I want to respect a policy, but for some reason can't in this one instance? ... for instance sub-classing DBI and overriding 'connect'... package DBIxUseless; use warnings; use strict; use base qw(DBI); our $VERSION = 1; sub connect { return shift->SUPER::connect(@_) } 1; ... let's see what happens

One Time Exceptions - Running perl critic --(0)> perlcritic DBIxUseless.pm Subroutine name is a homonym for builtin function at line 9, column 1. See page 177 of PBP. (Severity: 4) ... I just can't help it though

A Pseudo-Solution package DBIxUseless; use warnings; use strict; use base qw(DBI); our $VERSION = 1; sub connect { ## no critic (ProhibitBuiltinHomonyms) return shift->SUPER::connect(@_) } 1; Pseudo-pragma allows for you to turn off all or specific criticisms for individual lines of code

A Pseudo-Solution #!/usr/bin/perl use warnings; use strict; ## no critic (ProhibitPostfixControls) print “Hi
” if $^O eq 'darwin'; print “Hello
” if $^O =~ /win/i; ## use critic It even works with blocks of code ... you can use theme names too

In Review - That is Perl Critic in a nutshell ... the system consists of a bunch of policies ... that have a name ... and a severity ... and one (maybe zero) or more themes ... the system can be configured ... by selectively blocking off criticism for specific code ... by ignoring policies ... by changing the severity of policies ... by looking a specific themes ... by tweaking the policies ... severity ... themes ... configuration ... but you still have to remember to run perlcritic, unless

Criticism Pragma package DBIxUseless; use warnings; use strict; use base qw(DBI); use criticism; our $VERSION = 1; sub connect { return shift->SUPER::connect(@_) } 1; You can use the criticism pragma... ... scary!

Criticism Pragma - The criticism pragma ... runs Perl Critic every time you run your code ... keeps you from having to remember to run perlcritic ... creates additional runtime overhead ... is easy to accidentally leave in your production code ... there has to be a better way

Test::Perl::Critic use Test::Perl::Critic; all_critic_ok(); - Test::Perl::Critic ... criticism in your test suite ... now when you run 'make test', you get Perl Critic ... but it's not good to distribute these test in public modules ... these should be for development only ... you don't want your modules not installing because of Perl Critic

In Review (again) - Perl Critic is ... a highly-configurable static source code analyzer ... a tool to help you write better code ... a reminder of good coding practices ... an easily extendable system (see Wednesday's talk) ... a development aid, not a distribution dependency ... not a guarantee that you'll write quality code