Static analysis is an emerging field, in particular in the PHP world. Reviewing source code at the speed of a computer requires powerful theoretical tools: control flow diagram, abstract syntactic trees, acyclic dependency graph.

If all this seems far and remote from PHP, come and learn how they apply to your favorite language! They are all useful when it comes to detecting early those errors that end up in production, and sometimes, even before the code may compile. We’ll see how to combine all those aspects to build a useful auditing engine.

Comments

Comments are closed.

Clear presentation. Really entertaining and funny presenter

Rated 5

Sonny Savage at 13:52 on 8 Feb 2019

Damien actually got me excited about the possibilities of static analysis. I can't wait to use it in my stack.

Rated 5

Eric Morris at 14:34 on 8 Feb 2019

Mr. Seguy describes what static code analysis is and how useful it can be. It IS the kind of thing a good developer does, but it certainly doesn't scale. I use PHPStorm, and that tool does some of the analysis, but not even close to the degree described here. Is there a plug-in for PHPStorm?

Rated 4

John Ashton at 15:13 on 9 Feb 2019

Great talk. Can you please provide the slides?

Rated 4

Miro Svrtan at 09:43 on 11 Feb 2019

Great introduction into the idea and work behind static analysis.

For 5*:
- try to reorganize the talk so some questions do not feel like you are trying to pull teeth from attendees: I love when speakers try to engage the audience but some of the questions were either not clear or too hard for audience to figure out