SlideShare a Scribd company logo

Perl-Critic

Jonas Brømsø
Jonas Brømsø

A short lightning talk rant on why you should use Perl::Critic as a supplemental tool to code/peer review

1 of 16
Download to read offline
Perl::Critic Why (and how) you should write your own Perl::Critic policies By @jonasbn for Nordic Perl Workshop 2013
this should have been: how (and why) but…
ENOTIME
So this is why and not so much how
• peer/code review is (by far IMHO) the best way to ensure quality, security and integrity of your code • exchange the word code for another term like product, deliverable, article, solution, creation aso. • Don’t you get these reviewed by your peers/ teachers/mentors/colleagues/spouse?
• peer/code reviewing is hard work • it is time consuming (AFK time) • not always understood or accepted by managers/peers (AFK time) • but so are meetings?? • it does take you out of your comfort zone (AFK?) • non-issue for open source developers
• The recommendation is that peer/code review sessions should not take longer that 2 hours • So lets make the most of these
• We do not want to waste time on unnecessary details • • curly braces, indentation, tabs vs. spaces We do not want to argue over unnecessary details during the review process • anti-patterns, common idioms, coding guidelines
• A true war story • malicious code got injected in our system as a POC by a security consultant • The problem was presented to security • The comment was that the attack was really creative • YES!
• Coding is done by humans and it is therefor very creative • Even attacks can be very creative • Too “creative” code can be hard to test, hard to debug and hard to maintain • We need to boost creativity to identify the above pitfalls • So in order to make room for this we let the machines take care of the trivial parts
Enter Perl::Critic
Perl::Critic • Perl::Critic policies are document based • Perl::Critic policies are simply Perl modules implementing a required interface • Perl::Critic is based on PPI (Parse Perl Isolated or I Parse Perl in reverse)
Tip 1 % ppidump
% tools/ppidump '$VERSION = "0.01";'! PPI::Document! PPI::Statement! [ 1, 1, 1 ] PPI::Token::Symbol '$VERSION'! [ 1, 10, 10 ] PPI::Token::Operator '='! [ 1, 12, 12 ] PPI::Token::Quote::Double '"0.01"'! [ 1, 18, 18 ] PPI::Token::Structure ';'
TODO • Formulate your coding guidelines • Implement Perl::Critic policies for your common anti-patterns and promoted patterns or coding style • Comply or Explain
• Your code/peer review sessions will add more value and can focus on what is important • You can unleash creativity and identify the hard issues related to security and integrity

Recommended

Stackato v6
Stackato v6Stackato v6
Stackato v6
Jonas Brømsø
 
Devel::NYTProf v3 - 200908 (OUTDATED, see 201008)
Devel::NYTProf v3 - 200908 (OUTDATED, see 201008)Devel::NYTProf v3 - 200908 (OUTDATED, see 201008)
Devel::NYTProf v3 - 200908 (OUTDATED, see 201008)
Tim Bunce
 
Automate Thyself
Automate ThyselfAutomate Thyself
Automate Thyself
Ortus Solutions, Corp
 
Testing Automaton - CFSummit 2016
Testing Automaton - CFSummit 2016Testing Automaton - CFSummit 2016
Testing Automaton - CFSummit 2016
Ortus Solutions, Corp
 
Php Dependency Management with Composer ZendCon 2016
Php Dependency Management with Composer ZendCon 2016Php Dependency Management with Composer ZendCon 2016
Php Dependency Management with Composer ZendCon 2016
Clark Everetts
 
DevOps Fest 2020. immutable infrastructure as code. True story.
DevOps Fest 2020. immutable infrastructure as code. True story.DevOps Fest 2020. immutable infrastructure as code. True story.
DevOps Fest 2020. immutable infrastructure as code. True story.
Vlad Fedosov
 
Zend con 2016 bdd with behat for beginners
Zend con 2016 bdd with behat for beginnersZend con 2016 bdd with behat for beginners
Zend con 2016 bdd with behat for beginners
Adam Englander
 
Puppet Camp Atlanta 2014: DEV Toolsets for Ops (Beginner) -
Puppet Camp Atlanta 2014: DEV Toolsets for Ops (Beginner) - Puppet Camp Atlanta 2014: DEV Toolsets for Ops (Beginner) -
Puppet Camp Atlanta 2014: DEV Toolsets for Ops (Beginner) -
Puppet
 

Recommended

Stackato v6
Stackato v6Stackato v6
Stackato v6
Jonas Brømsø
 
Devel::NYTProf v3 - 200908 (OUTDATED, see 201008)
Devel::NYTProf v3 - 200908 (OUTDATED, see 201008)Devel::NYTProf v3 - 200908 (OUTDATED, see 201008)
Devel::NYTProf v3 - 200908 (OUTDATED, see 201008)
Tim Bunce
 
Automate Thyself
Automate ThyselfAutomate Thyself
Automate Thyself
Ortus Solutions, Corp
 
Testing Automaton - CFSummit 2016
Testing Automaton - CFSummit 2016Testing Automaton - CFSummit 2016
Testing Automaton - CFSummit 2016
Ortus Solutions, Corp
 
Php Dependency Management with Composer ZendCon 2016
Php Dependency Management with Composer ZendCon 2016Php Dependency Management with Composer ZendCon 2016
Php Dependency Management with Composer ZendCon 2016
Clark Everetts
 
DevOps Fest 2020. immutable infrastructure as code. True story.
DevOps Fest 2020. immutable infrastructure as code. True story.DevOps Fest 2020. immutable infrastructure as code. True story.
DevOps Fest 2020. immutable infrastructure as code. True story.
Vlad Fedosov
 
Zend con 2016 bdd with behat for beginners
Zend con 2016 bdd with behat for beginnersZend con 2016 bdd with behat for beginners
Zend con 2016 bdd with behat for beginners
Adam Englander
 
Puppet Camp Atlanta 2014: DEV Toolsets for Ops (Beginner) -
Puppet Camp Atlanta 2014: DEV Toolsets for Ops (Beginner) - Puppet Camp Atlanta 2014: DEV Toolsets for Ops (Beginner) -
Puppet Camp Atlanta 2014: DEV Toolsets for Ops (Beginner) -
Puppet
 
2021laravelconftwslides6
2021laravelconftwslides62021laravelconftwslides6
2021laravelconftwslides6
LiviaLiaoFontech
 
Zend Code in ZF 2.0
Zend Code in ZF 2.0Zend Code in ZF 2.0
Zend Code in ZF 2.0
Ralph Schindler
 
Take your CFML Legacy Apps to Modernization
Take your CFML Legacy Apps to ModernizationTake your CFML Legacy Apps to Modernization
Take your CFML Legacy Apps to Modernization
Ortus Solutions, Corp
 
Ruby performance - The low hanging fruit
Ruby performance - The low hanging fruitRuby performance - The low hanging fruit
Ruby performance - The low hanging fruit
Bruce Werdschinski
 
Our Puppet Story (Linuxtag 2014)
Our Puppet Story (Linuxtag 2014)Our Puppet Story (Linuxtag 2014)
Our Puppet Story (Linuxtag 2014)
DECK36
 
Taming the resource tiger
Taming the resource tigerTaming the resource tiger
Taming the resource tiger
Elizabeth Smith
 
Packaging perl (LPW2010)
Packaging perl (LPW2010)Packaging perl (LPW2010)
Packaging perl (LPW2010)
p3castro
 
The Architect Way - JSCamp.asia 2012
The Architect Way - JSCamp.asia 2012The Architect Way - JSCamp.asia 2012
The Architect Way - JSCamp.asia 2012Jan Jongboom
 
A Taste of Pharo 7.0
A Taste of Pharo 7.0A Taste of Pharo 7.0
A Taste of Pharo 7.0
ESUG
 
cf.Objective() 2017 - Design patterns - Brad Wood
cf.Objective() 2017 - Design patterns - Brad Woodcf.Objective() 2017 - Design patterns - Brad Wood
cf.Objective() 2017 - Design patterns - Brad Wood
Ortus Solutions, Corp
 
Puppetizing Your Organization
Puppetizing Your OrganizationPuppetizing Your Organization
Puppetizing Your Organization
Robert Nelson
 
Ansible, Idempotency, and Jenkins
Ansible, Idempotency, and JenkinsAnsible, Idempotency, and Jenkins
Ansible, Idempotency, and Jenkins
tylerturk
 
Coldfusion
ColdfusionColdfusion
ColdfusionRam
 
Continuous integration of_puppet_code
Continuous integration of_puppet_codeContinuous integration of_puppet_code
Continuous integration of_puppet_code
Devoteam Revolve
 
Using PHP Functions! (Not those functions, Google Cloud Functions)
Using PHP Functions! (Not those functions, Google Cloud Functions)Using PHP Functions! (Not those functions, Google Cloud Functions)
Using PHP Functions! (Not those functions, Google Cloud Functions)
Chris Tankersley
 
TYPO3 Camp Stuttgart 2015 - Continuous Delivery with Open Source Tools
TYPO3 Camp Stuttgart 2015 - Continuous Delivery with Open Source ToolsTYPO3 Camp Stuttgart 2015 - Continuous Delivery with Open Source Tools
TYPO3 Camp Stuttgart 2015 - Continuous Delivery with Open Source Tools
Michael Lihs
 
Php extensions
Php extensionsPhp extensions
Php extensions
Elizabeth Smith
 
Life Beyond Rails: Creating Cross Platform Ruby Apps
Life Beyond Rails: Creating Cross Platform Ruby AppsLife Beyond Rails: Creating Cross Platform Ruby Apps
Life Beyond Rails: Creating Cross Platform Ruby Apps
Tristan Gomez
 
Asynchronous I/O in Python 3
Asynchronous I/O in Python 3Asynchronous I/O in Python 3
Asynchronous I/O in Python 3
Feihong Hsu
 
Testing for Ops: Going Beyond the Manifest - PuppetConf 2013
Testing for Ops: Going Beyond the Manifest - PuppetConf 2013Testing for Ops: Going Beyond the Manifest - PuppetConf 2013
Testing for Ops: Going Beyond the Manifest - PuppetConf 2013
Puppet
 
Google Places - Global Approach ISS 2012
Google Places - Global Approach ISS 2012Google Places - Global Approach ISS 2012
Google Places - Global Approach ISS 2012
Lisa Myers
 
Nestholma Venture Accelerator_intro 2016-09-26
Nestholma Venture Accelerator_intro 2016-09-26Nestholma Venture Accelerator_intro 2016-09-26
Nestholma Venture Accelerator_intro 2016-09-26Antti Kosunen
 

More Related Content

What's hot

2021laravelconftwslides6
2021laravelconftwslides62021laravelconftwslides6
2021laravelconftwslides6
LiviaLiaoFontech
 
Zend Code in ZF 2.0
Zend Code in ZF 2.0Zend Code in ZF 2.0
Zend Code in ZF 2.0
Ralph Schindler
 
Take your CFML Legacy Apps to Modernization
Take your CFML Legacy Apps to ModernizationTake your CFML Legacy Apps to Modernization
Take your CFML Legacy Apps to Modernization
Ortus Solutions, Corp
 
Ruby performance - The low hanging fruit
Ruby performance - The low hanging fruitRuby performance - The low hanging fruit
Ruby performance - The low hanging fruit
Bruce Werdschinski
 
Our Puppet Story (Linuxtag 2014)
Our Puppet Story (Linuxtag 2014)Our Puppet Story (Linuxtag 2014)
Our Puppet Story (Linuxtag 2014)
DECK36
 
Taming the resource tiger
Taming the resource tigerTaming the resource tiger
Taming the resource tiger
Elizabeth Smith
 
Packaging perl (LPW2010)
Packaging perl (LPW2010)Packaging perl (LPW2010)
Packaging perl (LPW2010)
p3castro
 
The Architect Way - JSCamp.asia 2012
The Architect Way - JSCamp.asia 2012The Architect Way - JSCamp.asia 2012
The Architect Way - JSCamp.asia 2012Jan Jongboom
 
A Taste of Pharo 7.0
A Taste of Pharo 7.0A Taste of Pharo 7.0
A Taste of Pharo 7.0
ESUG
 
cf.Objective() 2017 - Design patterns - Brad Wood
cf.Objective() 2017 - Design patterns - Brad Woodcf.Objective() 2017 - Design patterns - Brad Wood
cf.Objective() 2017 - Design patterns - Brad Wood
Ortus Solutions, Corp
 
Puppetizing Your Organization
Puppetizing Your OrganizationPuppetizing Your Organization
Puppetizing Your Organization
Robert Nelson
 
Ansible, Idempotency, and Jenkins
Ansible, Idempotency, and JenkinsAnsible, Idempotency, and Jenkins
Ansible, Idempotency, and Jenkins
tylerturk
 
Coldfusion
ColdfusionColdfusion
ColdfusionRam
 
Continuous integration of_puppet_code
Continuous integration of_puppet_codeContinuous integration of_puppet_code
Continuous integration of_puppet_code
Devoteam Revolve
 
Using PHP Functions! (Not those functions, Google Cloud Functions)
Using PHP Functions! (Not those functions, Google Cloud Functions)Using PHP Functions! (Not those functions, Google Cloud Functions)
Using PHP Functions! (Not those functions, Google Cloud Functions)
Chris Tankersley
 
TYPO3 Camp Stuttgart 2015 - Continuous Delivery with Open Source Tools
TYPO3 Camp Stuttgart 2015 - Continuous Delivery with Open Source ToolsTYPO3 Camp Stuttgart 2015 - Continuous Delivery with Open Source Tools
TYPO3 Camp Stuttgart 2015 - Continuous Delivery with Open Source Tools
Michael Lihs
 
Php extensions
Php extensionsPhp extensions
Php extensions
Elizabeth Smith
 
Life Beyond Rails: Creating Cross Platform Ruby Apps
Life Beyond Rails: Creating Cross Platform Ruby AppsLife Beyond Rails: Creating Cross Platform Ruby Apps
Life Beyond Rails: Creating Cross Platform Ruby Apps
Tristan Gomez
 
Asynchronous I/O in Python 3
Asynchronous I/O in Python 3Asynchronous I/O in Python 3
Asynchronous I/O in Python 3
Feihong Hsu
 
Testing for Ops: Going Beyond the Manifest - PuppetConf 2013
Testing for Ops: Going Beyond the Manifest - PuppetConf 2013Testing for Ops: Going Beyond the Manifest - PuppetConf 2013
Testing for Ops: Going Beyond the Manifest - PuppetConf 2013
Puppet
 

What's hot (20)

2021laravelconftwslides6
2021laravelconftwslides62021laravelconftwslides6
2021laravelconftwslides6
 
Zend Code in ZF 2.0
Zend Code in ZF 2.0Zend Code in ZF 2.0
Zend Code in ZF 2.0
 
Take your CFML Legacy Apps to Modernization
Take your CFML Legacy Apps to ModernizationTake your CFML Legacy Apps to Modernization
Take your CFML Legacy Apps to Modernization
 
Ruby performance - The low hanging fruit
Ruby performance - The low hanging fruitRuby performance - The low hanging fruit
Ruby performance - The low hanging fruit
 
Our Puppet Story (Linuxtag 2014)
Our Puppet Story (Linuxtag 2014)Our Puppet Story (Linuxtag 2014)
Our Puppet Story (Linuxtag 2014)
 
Taming the resource tiger
Taming the resource tigerTaming the resource tiger
Taming the resource tiger
 
Packaging perl (LPW2010)
Packaging perl (LPW2010)Packaging perl (LPW2010)
Packaging perl (LPW2010)
 
The Architect Way - JSCamp.asia 2012
The Architect Way - JSCamp.asia 2012The Architect Way - JSCamp.asia 2012
The Architect Way - JSCamp.asia 2012
 
A Taste of Pharo 7.0
A Taste of Pharo 7.0A Taste of Pharo 7.0
A Taste of Pharo 7.0
 
cf.Objective() 2017 - Design patterns - Brad Wood
cf.Objective() 2017 - Design patterns - Brad Woodcf.Objective() 2017 - Design patterns - Brad Wood
cf.Objective() 2017 - Design patterns - Brad Wood
 
Puppetizing Your Organization
Puppetizing Your OrganizationPuppetizing Your Organization
Puppetizing Your Organization
 
Ansible, Idempotency, and Jenkins
Ansible, Idempotency, and JenkinsAnsible, Idempotency, and Jenkins
Ansible, Idempotency, and Jenkins
 
Coldfusion
ColdfusionColdfusion
Coldfusion
 
Continuous integration of_puppet_code
Continuous integration of_puppet_codeContinuous integration of_puppet_code
Continuous integration of_puppet_code
 
Using PHP Functions! (Not those functions, Google Cloud Functions)
Using PHP Functions! (Not those functions, Google Cloud Functions)Using PHP Functions! (Not those functions, Google Cloud Functions)
Using PHP Functions! (Not those functions, Google Cloud Functions)
 
TYPO3 Camp Stuttgart 2015 - Continuous Delivery with Open Source Tools
TYPO3 Camp Stuttgart 2015 - Continuous Delivery with Open Source ToolsTYPO3 Camp Stuttgart 2015 - Continuous Delivery with Open Source Tools
TYPO3 Camp Stuttgart 2015 - Continuous Delivery with Open Source Tools
 
Php extensions
Php extensionsPhp extensions
Php extensions
 
Life Beyond Rails: Creating Cross Platform Ruby Apps
Life Beyond Rails: Creating Cross Platform Ruby AppsLife Beyond Rails: Creating Cross Platform Ruby Apps
Life Beyond Rails: Creating Cross Platform Ruby Apps
 
Asynchronous I/O in Python 3
Asynchronous I/O in Python 3Asynchronous I/O in Python 3
Asynchronous I/O in Python 3
 
Testing for Ops: Going Beyond the Manifest - PuppetConf 2013
Testing for Ops: Going Beyond the Manifest - PuppetConf 2013Testing for Ops: Going Beyond the Manifest - PuppetConf 2013
Testing for Ops: Going Beyond the Manifest - PuppetConf 2013
 

Viewers also liked

Google Places - Global Approach ISS 2012
Google Places - Global Approach ISS 2012Google Places - Global Approach ISS 2012
Google Places - Global Approach ISS 2012
Lisa Myers
 
Nestholma Venture Accelerator_intro 2016-09-26
Nestholma Venture Accelerator_intro 2016-09-26Nestholma Venture Accelerator_intro 2016-09-26
Nestholma Venture Accelerator_intro 2016-09-26Antti Kosunen
 
Anti-Advertisement
Anti-AdvertisementAnti-Advertisement
Anti-AdvertisementYunus Emre
 
Chapel 9 25 09
Chapel 9 25 09Chapel 9 25 09
Chapel 9 25 09
Huisden
 
Copyright Presentation
Copyright PresentationCopyright Presentation
Copyright Presentation
Beneg
 
Evaluation Question 1
Evaluation Question 1Evaluation Question 1
Evaluation Question 1
Chris Burke
 
Downtown Ferndale Business Guide 2011
Downtown Ferndale Business Guide 2011Downtown Ferndale Business Guide 2011
Downtown Ferndale Business Guide 2011
Ferndale Downtown Development Authority
 
Host University And Advisor Ppt
Host University And Advisor PptHost University And Advisor Ppt
Host University And Advisor PptIREX
 
C:\fakepath\tour 2011 – first set up
C:\fakepath\tour 2011 – first set upC:\fakepath\tour 2011 – first set up
C:\fakepath\tour 2011 – first set upAngele Champigny
 
Customer Service by Jamie Haenggi
Customer Service by Jamie HaenggiCustomer Service by Jamie Haenggi
Customer Service by Jamie Haenggi
Wichita Metro Chamber of Commerce
 
How the West was One Gold Rush Survival Kit
How the West was One Gold Rush Survival KitHow the West was One Gold Rush Survival Kit
How the West was One Gold Rush Survival Kit
Ferndale Downtown Development Authority
 
Portofoliu AIESEC Targu Mures 2009 Toamna
Portofoliu AIESEC Targu Mures 2009 ToamnaPortofoliu AIESEC Targu Mures 2009 Toamna
Portofoliu AIESEC Targu Mures 2009 Toamna
Dianazaharia
 
Illustrations creatives
Illustrations creativesIllustrations creatives
Illustrations creativesalexinsomny
 
NEDMAInno14: How to Stand OUT from the Crowd on LinkedIn - Lew Sabbag
NEDMAInno14: How to Stand OUT from the Crowd on LinkedIn - Lew SabbagNEDMAInno14: How to Stand OUT from the Crowd on LinkedIn - Lew Sabbag
NEDMAInno14: How to Stand OUT from the Crowd on LinkedIn - Lew Sabbag
New England Direct Marketing Association
 
Presentazione HUSK
Presentazione HUSKPresentazione HUSK
Presentazione HUSK
Italoblog
 
Prophecy
ProphecyProphecy
Prophecy
Philippus Baalman
 

Viewers also liked (20)

Google Places - Global Approach ISS 2012
Google Places - Global Approach ISS 2012Google Places - Global Approach ISS 2012
Google Places - Global Approach ISS 2012
 
Nestholma Venture Accelerator_intro 2016-09-26
Nestholma Venture Accelerator_intro 2016-09-26Nestholma Venture Accelerator_intro 2016-09-26
Nestholma Venture Accelerator_intro 2016-09-26
 
Anti-Advertisement
Anti-AdvertisementAnti-Advertisement
Anti-Advertisement
 
Chapel 9 25 09
Chapel 9 25 09Chapel 9 25 09
Chapel 9 25 09
 
Sm Co Magnet
Sm Co MagnetSm Co Magnet
Sm Co Magnet
 
Copyright Presentation
Copyright PresentationCopyright Presentation
Copyright Presentation
 
Evaluation Question 1
Evaluation Question 1Evaluation Question 1
Evaluation Question 1
 
Downtown Ferndale Business Guide 2011
Downtown Ferndale Business Guide 2011Downtown Ferndale Business Guide 2011
Downtown Ferndale Business Guide 2011
 
Trompito 1
Trompito 1Trompito 1
Trompito 1
 
Host University And Advisor Ppt
Host University And Advisor PptHost University And Advisor Ppt
Host University And Advisor Ppt
 
C:\fakepath\tour 2011 – first set up
C:\fakepath\tour 2011 – first set upC:\fakepath\tour 2011 – first set up
C:\fakepath\tour 2011 – first set up
 
Customer Service by Jamie Haenggi
Customer Service by Jamie HaenggiCustomer Service by Jamie Haenggi
Customer Service by Jamie Haenggi
 
How the West was One Gold Rush Survival Kit
How the West was One Gold Rush Survival KitHow the West was One Gold Rush Survival Kit
How the West was One Gold Rush Survival Kit
 
Portofoliu AIESEC Targu Mures 2009 Toamna
Portofoliu AIESEC Targu Mures 2009 ToamnaPortofoliu AIESEC Targu Mures 2009 Toamna
Portofoliu AIESEC Targu Mures 2009 Toamna
 
Illustrations creatives
Illustrations creativesIllustrations creatives
Illustrations creatives
 
NEDMAInno14: How to Stand OUT from the Crowd on LinkedIn - Lew Sabbag
NEDMAInno14: How to Stand OUT from the Crowd on LinkedIn - Lew SabbagNEDMAInno14: How to Stand OUT from the Crowd on LinkedIn - Lew Sabbag
NEDMAInno14: How to Stand OUT from the Crowd on LinkedIn - Lew Sabbag
 
Projeto Apc Vivian
Projeto Apc VivianProjeto Apc Vivian
Projeto Apc Vivian
 
Morin
MorinMorin
Morin
 
Presentazione HUSK
Presentazione HUSKPresentazione HUSK
Presentazione HUSK
 
Prophecy
ProphecyProphecy
Prophecy
 

Similar to Perl-Critic

Technology for reduce of mistakes - うっかりをなくす技術
Technology for reduce of mistakes - うっかりをなくす技術Technology for reduce of mistakes - うっかりをなくす技術
Technology for reduce of mistakes - うっかりをなくす技術
karupanerura
 
Software testing and quality assurance
Software testing and quality assuranceSoftware testing and quality assurance
Software testing and quality assurance
Benjamin Baumann
 
TDD - Seriously, try it! (updated '22)
TDD - Seriously, try it! (updated '22)TDD - Seriously, try it! (updated '22)
TDD - Seriously, try it! (updated '22)
Nacho Cougil
 
ProdSec: A Technical Approach
ProdSec: A Technical ApproachProdSec: A Technical Approach
ProdSec: A Technical Approach
Jeremy Brown
 
Enterprise PHP
Enterprise PHPEnterprise PHP
Enterprise PHP
Mohammad Emran Hasan
 
Capability Building for Cyber Defense: Software Walk through and Screening
Capability Building for Cyber Defense: Software Walk through and Screening Capability Building for Cyber Defense: Software Walk through and Screening
Capability Building for Cyber Defense: Software Walk through and Screening
Maven Logix
 
Tester career path
Tester career pathTester career path
Tester career pathgaoliang641
 
TDD - Seriously, try it! - Trójmiasto Java User Group (17th May '23)
TDD - Seriously, try it! - Trójmiasto Java User Group (17th May '23)TDD - Seriously, try it! - Trójmiasto Java User Group (17th May '23)
TDD - Seriously, try it! - Trójmiasto Java User Group (17th May '23)
ssusercaf6c1
 
TDD - Seriously, try it! - Trjjmiasto JUG (17th May '23)
TDD - Seriously, try it! - Trjjmiasto JUG (17th May '23)TDD - Seriously, try it! - Trjjmiasto JUG (17th May '23)
TDD - Seriously, try it! - Trjjmiasto JUG (17th May '23)
Nacho Cougil
 
Babysitting your orm essenmacher, adam
Babysitting your orm essenmacher, adamBabysitting your orm essenmacher, adam
Babysitting your orm essenmacher, adamAdam Essenmacher
 
How I Learned to Stop Worrying and Love Legacy Code.....
How I Learned to Stop Worrying and Love Legacy Code.....How I Learned to Stop Worrying and Love Legacy Code.....
How I Learned to Stop Worrying and Love Legacy Code.....
Mike Harris
 
Finding Needles in Haystacks
Finding Needles in HaystacksFinding Needles in Haystacks
Finding Needles in Haystacks
snyff
 
What designers can learn from (code) review
What designers can learn from (code) reviewWhat designers can learn from (code) review
What designers can learn from (code) review
Ida Aalen
 
How To Use Selenium Successfully
How To Use Selenium SuccessfullyHow To Use Selenium Successfully
How To Use Selenium Successfully
Dave Haeffner
 
TDD - Seriously, try it! - Bucarest Tech Week
TDD - Seriously, try it! - Bucarest Tech WeekTDD - Seriously, try it! - Bucarest Tech Week
TDD - Seriously, try it! - Bucarest Tech Week
Nacho Cougil
 
Pair Programming Styles
Pair Programming StylesPair Programming Styles
Pair Programming Styles
Attila Bertók
 
Dev ops ci-ap-is-oh-my_security-gone-agile_ut-austin
Dev ops ci-ap-is-oh-my_security-gone-agile_ut-austinDev ops ci-ap-is-oh-my_security-gone-agile_ut-austin
Dev ops ci-ap-is-oh-my_security-gone-agile_ut-austin
Matt Tesauro
 
Topic production code
Topic production codeTopic production code
Topic production code
Kavi Kumar
 

Similar to Perl-Critic (20)

Technology for reduce of mistakes - うっかりをなくす技術
Technology for reduce of mistakes - うっかりをなくす技術Technology for reduce of mistakes - うっかりをなくす技術
Technology for reduce of mistakes - うっかりをなくす技術
 
Software testing and quality assurance
Software testing and quality assuranceSoftware testing and quality assurance
Software testing and quality assurance
 
TDD - Seriously, try it! (updated '22)
TDD - Seriously, try it! (updated '22)TDD - Seriously, try it! (updated '22)
TDD - Seriously, try it! (updated '22)
 
ProdSec: A Technical Approach
ProdSec: A Technical ApproachProdSec: A Technical Approach
ProdSec: A Technical Approach
 
Enterprise PHP
Enterprise PHPEnterprise PHP
Enterprise PHP
 
Capability Building for Cyber Defense: Software Walk through and Screening
Capability Building for Cyber Defense: Software Walk through and Screening Capability Building for Cyber Defense: Software Walk through and Screening
Capability Building for Cyber Defense: Software Walk through and Screening
 
Tester career path
Tester career pathTester career path
Tester career path
 
TDD - Seriously, try it! - Trójmiasto Java User Group (17th May '23)
TDD - Seriously, try it! - Trójmiasto Java User Group (17th May '23)TDD - Seriously, try it! - Trójmiasto Java User Group (17th May '23)
TDD - Seriously, try it! - Trójmiasto Java User Group (17th May '23)
 
TDD - Seriously, try it! - Trjjmiasto JUG (17th May '23)
TDD - Seriously, try it! - Trjjmiasto JUG (17th May '23)TDD - Seriously, try it! - Trjjmiasto JUG (17th May '23)
TDD - Seriously, try it! - Trjjmiasto JUG (17th May '23)
 
Babysitting your orm essenmacher, adam
Babysitting your orm essenmacher, adamBabysitting your orm essenmacher, adam
Babysitting your orm essenmacher, adam
 
How I Learned to Stop Worrying and Love Legacy Code.....
How I Learned to Stop Worrying and Love Legacy Code.....How I Learned to Stop Worrying and Love Legacy Code.....
How I Learned to Stop Worrying and Love Legacy Code.....
 
Finding Needles in Haystacks
Finding Needles in HaystacksFinding Needles in Haystacks
Finding Needles in Haystacks
 
What designers can learn from (code) review
What designers can learn from (code) reviewWhat designers can learn from (code) review
What designers can learn from (code) review
 
Good behaviors
Good behaviorsGood behaviors
Good behaviors
 
How To Use Selenium Successfully
How To Use Selenium SuccessfullyHow To Use Selenium Successfully
How To Use Selenium Successfully
 
TDD - Seriously, try it! - Bucarest Tech Week
TDD - Seriously, try it! - Bucarest Tech WeekTDD - Seriously, try it! - Bucarest Tech Week
TDD - Seriously, try it! - Bucarest Tech Week
 
Pair Programming Styles
Pair Programming StylesPair Programming Styles
Pair Programming Styles
 
Dev ops ci-ap-is-oh-my_security-gone-agile_ut-austin
Dev ops ci-ap-is-oh-my_security-gone-agile_ut-austinDev ops ci-ap-is-oh-my_security-gone-agile_ut-austin
Dev ops ci-ap-is-oh-my_security-gone-agile_ut-austin
 
Tec314f
Tec314fTec314f
Tec314f
 
Topic production code
Topic production codeTopic production code
Topic production code
 

More from Jonas Brømsø

Markdownlint
MarkdownlintMarkdownlint
Markdownlint
Jonas Brømsø
 
Mojolicious and REST
Mojolicious and RESTMojolicious and REST
Mojolicious and REST
Jonas Brømsø
 
Stackato v5
Stackato v5Stackato v5
Stackato v5
Jonas Brømsø
 
Stackato v4
Stackato v4Stackato v4
Stackato v4
Jonas Brømsø
 
Stackato v3
Stackato v3Stackato v3
Stackato v3
Jonas Brømsø
 
Stackato v2
Stackato v2Stackato v2
Stackato v2
Jonas Brømsø
 
Stackato
StackatoStackato
Stackato
Jonas Brømsø
 
Using Jenkins for Continuous Integration of Perl components OSD2011
Using Jenkins for Continuous Integration of Perl components OSD2011 Using Jenkins for Continuous Integration of Perl components OSD2011
Using Jenkins for Continuous Integration of Perl components OSD2011
Jonas Brømsø
 
Workflow NPW2010
Workflow NPW2010Workflow NPW2010
Workflow NPW2010
Jonas Brømsø
 
Test builder
Test builderTest builder
Test builder
Jonas Brømsø
 
Workflow Yapceu2010
Workflow Yapceu2010Workflow Yapceu2010
Workflow Yapceu2010
Jonas Brømsø
 

More from Jonas Brømsø (11)

Markdownlint
MarkdownlintMarkdownlint
Markdownlint
 
Mojolicious and REST
Mojolicious and RESTMojolicious and REST
Mojolicious and REST
 
Stackato v5
Stackato v5Stackato v5
Stackato v5
 
Stackato v4
Stackato v4Stackato v4
Stackato v4
 
Stackato v3
Stackato v3Stackato v3
Stackato v3
 
Stackato v2
Stackato v2Stackato v2
Stackato v2
 
Stackato
StackatoStackato
Stackato
 
Using Jenkins for Continuous Integration of Perl components OSD2011
Using Jenkins for Continuous Integration of Perl components OSD2011 Using Jenkins for Continuous Integration of Perl components OSD2011
Using Jenkins for Continuous Integration of Perl components OSD2011
 
Workflow NPW2010
Workflow NPW2010Workflow NPW2010
Workflow NPW2010
 
Test builder
Test builderTest builder
Test builder
 
Workflow Yapceu2010
Workflow Yapceu2010Workflow Yapceu2010
Workflow Yapceu2010
 

Recently uploaded

GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
Neo4j
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
Kari Kakkonen
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
RinaMondal9
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
Uni Systems S.M.S.A.
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Nexer Digital
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIEnchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Vladimir Iglovikov, Ph.D.
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
nkrafacyberclub
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
SOFTTECHHUB
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems S.M.S.A.
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
Neo4j
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
DianaGray10
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Aggregage
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
Large Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial ApplicationsLarge Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial Applications
Rohit Gautam
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
danishmna97
 

Recently uploaded (20)

GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
 
DevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA ConnectDevOps and Testing slides at DASA Connect
DevOps and Testing slides at DASA Connect
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIEnchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
 
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionGenerative AI Deep Dive: Advancing from Proof of Concept to Production
Generative AI Deep Dive: Advancing from Proof of Concept to Production
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
Large Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial ApplicationsLarge Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial Applications
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
How to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptxHow to Get CNIC Information System with Paksim Ga.pptx
How to Get CNIC Information System with Paksim Ga.pptx
 

Perl-Critic

  • 1. Perl::Critic Why (and how) you should write your own Perl::Critic policies By @jonasbn for Nordic Perl Workshop 2013
  • 2. this should have been: how (and why) but…
  • 4. So this is why and not so much how
  • 5. • peer/code review is (by far IMHO) the best way to ensure quality, security and integrity of your code • exchange the word code for another term like product, deliverable, article, solution, creation aso. • Don’t you get these reviewed by your peers/ teachers/mentors/colleagues/spouse?
  • 6. • peer/code reviewing is hard work • it is time consuming (AFK time) • not always understood or accepted by managers/peers (AFK time) • but so are meetings?? • it does take you out of your comfort zone (AFK?) • non-issue for open source developers
  • 7. • The recommendation is that peer/code review sessions should not take longer that 2 hours • So lets make the most of these
  • 8. • We do not want to waste time on unnecessary details • • curly braces, indentation, tabs vs. spaces We do not want to argue over unnecessary details during the review process • anti-patterns, common idioms, coding guidelines
  • 9. • A true war story • malicious code got injected in our system as a POC by a security consultant • The problem was presented to security • The comment was that the attack was really creative • YES!
  • 10. • Coding is done by humans and it is therefor very creative • Even attacks can be very creative • Too “creative” code can be hard to test, hard to debug and hard to maintain • We need to boost creativity to identify the above pitfalls • So in order to make room for this we let the machines take care of the trivial parts
  • 12. Perl::Critic • Perl::Critic policies are document based • Perl::Critic policies are simply Perl modules implementing a required interface • Perl::Critic is based on PPI (Parse Perl Isolated or I Parse Perl in reverse)
  • 14. % tools/ppidump '$VERSION = "0.01";'! PPI::Document! PPI::Statement! [ 1, 1, 1 ] PPI::Token::Symbol '$VERSION'! [ 1, 10, 10 ] PPI::Token::Operator '='! [ 1, 12, 12 ] PPI::Token::Quote::Double '"0.01"'! [ 1, 18, 18 ] PPI::Token::Structure ';'
  • 15. TODO • Formulate your coding guidelines • Implement Perl::Critic policies for your common anti-patterns and promoted patterns or coding style • Comply or Explain
  • 16. • Your code/peer review sessions will add more value and can focus on what is important • You can unleash creativity and identify the hard issues related to security and integrity