Recently in Code craft Category

Sometimes you've got a big codebase that isn't just Perl. Maybe you've got PHP mixed in with it, and you want to test the PHP along with all the Perl code, too. Perl's prove program doesn't care if the testing results it parses are from Perl, PHP or even static files, so long as they're in the TAP format. However, actually getting prove to run those PHP programs takes a little doing. Fortunately, Test::Harness 3.xx has hooks for source handlers.

David Wheeler has written about running PostgreSQL tests under prove in his blog and I stole from his code shamelessly to create TAP::Parser::SourceHandler::PHP, released to the CPAN this morning.

So now, to run the Perl .t files and the PHP .phpt files all in one swell foop, here's what we do at work:

prove -r \
    -I/home/alester/proj/Lib \
    --source=Perl --ext=.t \
    --source=PHP \
    --ext=.phpt \
    --php-option=include_path=/home/alester/proj/Class \
    --php-option=extension=.phpt

That --source=PHP tells prove to load up TAP::Parser::SourceHandler::PHP. The --php-option tells prove to pass those options through to the SourceHandler. If we had PostgreSQL tests or MySQL tests, we could use the SourceHandlers for those that David Wheeler has written as well.

Now we can test everything all in one run, and we get all the benefits of Test::Harness 3.xx, like parallel tests and TAP archiving and so on.

Sent to editor of DrDobbs/InformationWeek

I enjoy Sid Sidner's article on static code analysis tools, but was surprised to see two big omissions, especially as they may provide a low-cost point of entry to the organization just starting to look at static analysis.

First, PC-Lint is a relatively low-cost tool that does a fine job of C/C++ analysis. It's been around for years, and has found many C bugs in my code back in the early 90s. I've also been using the open source Splint, for years on the Perl 5 and Parrot open source projects. Although Splint's not nearly as complete a package as Coverity's Scan product (Coverity runs Scan on dozens of open source projects for free as a service to the community), it's a great introduction to the power of static code analysis tools. I also suggest readers check the "List of tools for static code analysis" page on Wikipedia.

Second, one crucial point missed is how any tool is going to require tuning. Splint will generate hundreds of errors in each source file on its first run on your code, since nobody in the real world is as pedantic as the tool is. Each organization will have to decide which policies are worth following, and which are just noise.

Finally, static code analysis isn't strictly for C++ and Java. Many dynamic languages have similar tools. For example, Perl::Critic is a fantastic tool for analysis of Perl code, as well as an extensible framework that lets each organization create custom policies to fit its own development practices.

These links are collected from the Perlbuzz Twitter feed. If you have suggestions for news bits, please mail me at andy@perlbuzz.com.

• Slides for "Fishing for Perl: The New User Experience" (blogs.perl.org)
• I'm seeing more mentions of Plack lately, but know nothing about it. Perlbuzz would welcome an article about it.
• I discuss business cards, resumes and how you want to be remembered in my latest column (pragprog.com)
• What would a completely different CPAN client do? (blogs.perl.org)
• On the problems with libraries, with discussion of the CPAN specifically (pragprog.com)
• WWW::Mechanize 1.62 released (search.cpan.org)
• Action photos from the Perl QA Hackathon (blogs.perl.org)
• Use /gc and \G in matches to separate alternations in separate, smaller patterns (effectiveperlprogramming.com)
• What's come out of the Perl QA Hackathon? Day 2 wrap-up (blogs.perl.org)
• Bricolage 2.0 has been released (bricolagecms.org)
• Jesse Vincent on the new Perl 5.12.x maintenance plan (nntp.perl.org)
• Test::WWW::Mechanize released, finally fixes install failures (search.cpan.org)
• Perl 5.12 has been released (search.cpan.org)
• Announcement and notes for Perl 5.12 (lwn.net)
• Pod::Site is a nice POD browser from @theory. Demo: http://www.bricolagecms.org/docs/current/api/
• Jan Dubois on the return of momentum to Perl 5 development (blogs.activestate.com)
• What's new in Perl 5.12? (search.cpan.org)
• Is cpanminus the future? (blogs.perl.org)
• Aggregating the coverage of Perl 5.12 (blogs.perl.org)
• Survey: What is your primary OS for Perl app development? (perlide.org)
• The Second Age of Perl (blogs.perl.org)

These links are collected from the Perlbuzz Twitter feed. If you have suggestions for news bits, please mail me at andy@perlbuzz.com.

• Falling out of love with a language (bofh.org.uk)
• RT @artmonstergirl I like my regular expressions same as my men, powerful, yet confusing, and not really quite what I intended.
• Avoid accidentally creating methods from module exports (effectiveperlprogramming.com)
• Google Talk with Perl (blogs.perl.org)
• Processing XML with XML::Twig (effectiveperlprogramming.com)
• Polishing NYTProf 3.0 with 3.11 (blog.timbunce.org)
• Higher order MP3 organization (varlogrant.blogspot.com)
• Google Code has improved Subversion project speed (googlecode.blogspot.com)
• Perl Foundation accepted for Google Summer of Code 2010 (news.perlfoundation.org)
• Making deep copies of hashes (effectiveperlprogramming.com)
• Perl projects that should have websites (blogs.perl.org)
• Open Source Bridge 2010 is still accepting proposals (opensourcebridge.org)
• CPAN projects don't need professional looking websites (blogs.perl.org)
• The Perl Foundation gets a new president and treasurer (news.perlfoundation.org)
• Open source summer Perl jobs for college students (use.perl.org)
• sayperl.org provides translations of Perl blogs from around the world (use.perl.org)
• BioPerl accepted to Google Summer of Code (use.perl.org)
• YAPC::NA 2011 call for venue (news.perlfoundation.org)
• Some facts about Schwern (use.perl.org)
• Help englighten Perl's documentation (blogs.perl.org)
• Change your wallpaper with WWW::Mechanize (viveksnv.blogspot.com)
• OSCON Perl track announced (oscon.com)
• Distributing applications via CPAN (blogs.perl.org)
• Leo Lapworth has started a section of whitepapers on Perl.org (blogs.perl.org)
• Moose has a new website (iinteractive.com)

These links are collected from the Perlbuzz Twitter feed. If you have suggestions for news bits, please mail me at andy@perlbuzz.com.

• What's going on with San Francisco Perl Mongers? (blogs.perl.org)
• Contributing is easy: A first-timer talks about adding to CPAN (blogs.perl.org)
• Help keep the world safe from SQL injection: (perlbuzz.com)
• How to learn how to get help in Perl (use.perl.org)
• The Perl Foundation wants your input on grant proposals for 2010 (news.perlfoundation.org)
• Why Ruby is prettier and Padre changes the Perl community (use.perl.org)
• Manage your Perl modules with git (effectiveperlprogramming.com)
• Call for papers for YAPC::NA 2010 in Columbus. Theme: Modern Perl 5 (news.perlfoundation.org)
• Famous Perl One-Liners Explained part 5: Text conversion and substitution (catonmat.net)
• The Italians like ack, too (cattlegrid.info)
• Bash completion for perldoc (blogs.perl.org)
• cpanminus, the new CPAN shell superstar (marcus.nordaaker.com)
• RT @chromatic_x Kudos to *many* active #perl 5 porters for the successful 5.11 release series: (ur1.ca)
• Testing a DB-intensive app (blog.urth.org)
• More news on the TPF wiki overhaul (use.perl.org)
• Do you still program in Perl? (reddit.com)
• Benchmarking is for losers, Profiling rulez! (blog.urth.org)
• Damian Conway's been posting a series of columns on vim: (blogs.perl.org)
• Testing and looging with Dist::Zilla (rjbs.manxome.org)
• Safe.pm 2.25 fixes security hole (blogs.perl.org)
• Serving production web requests with the Catalyst development server (blog.afoolishmanifesto.com)

A while back, I put up bobby-tables.com as a repository for showing people the right way to handle external data in their SQL calls. Whenever someone pops up on a mailing list or IRC and they're building SQL statements using external tainted data, you can just refer them to the site.

In the past few days, I've spiffed up the site (with design help from Jeana Clark) and added pages on Perl and PHP. I need more examples, though. It's 2010, and there's no reason anyone shouldn't know about parameterized SQL calls.

The site source is hosted on github, so if you have any contributions, please fork it and let me know about your applied changes, or you can email me directly.

Thanks!

P.S. In the next few days, I hope to fire up some redesign on perl101.org, too.

These links are collected from the Perlbuzz Twitter feed. If you have suggestions for news bits, please mail me at andy@perlbuzz.com.

• How to import Gravatars into Gmail with 121 lines of Perl (dagolden.com)
• RT @davorg From Amazon.com: After viewing "Data Munging With Perl" 61% of customers buy "I Drink For A Reason" (@davorg is the author of the book)
• ack 1.92 is now out (betterthangrep.com)
• Why learn Perl in 2009? (news.ycombinator.com)
• Screencast about ack from @yerhot (fosscasts.com)
• Presenting Module::Starter 1.54 (use.perl.org)
• Make the pragmas stop! (justatheory.com)
• A collection of Perl one-liners (blogs.perl.org)
• Skud on how developers can make things easier for CPAN users unfamiliar with developer tools (infotrope.net)
• The problems with CGI (blogs.perl.org)
• SVK was end-of-lifed back in May. It was fantastic back when. (use.perl.org)
• Is Perl 5's object system really that bad? (use.perl.org)
• use Config; # discover your path (use.perl.org)
• Perl Foundation has a new Perl events mailing list (news.perlfoundation.org)
• lists.perl.org has been overhauled and updated (blogs.perl.org)
• Perl 5.11.3 now available (use.perl.org)

These links are collected from the Perlbuzz Twitter feed. If you have suggestions for news bits, please mail me at andy@perlbuzz.com.

• blogs.perl.org is a new, modern blogging platform for the Perl community (blogs.perl.org)
• Michael Peters gives thanks for some special folks in the Perl community (use.perl.org)
• Peteris Krumins explores secret Perl 5 operators (catonmat.net)
• Dave Rolsky talks about his Markdown parser, Markdent: (blog.urth.org)
• Using PUT and DELETE methods in web apps (blogs.perl.org)
• Tests are divine (blogs.perl.org)
• Perl advent calendars galore (perlbuzz.com)
• mirod releases a new version of xml_grep2 (blogs.perl.org)
• Introducing gitalist, a modern Git browser written in Perl (blogs.perl.org)
• Posting to CPAN from Github (blogs.perl.org)
• GitPAN's first success: Recreating the history for Pod::Simple (use.perl.org)
• Why use Kephra? (use.perl.org)
• Recap of Eric Whilhelm's Perl Foundation grant to overhaul learn.perl.org (news.perlfoundation.org)
• Using Perl to scrape the web (ssscripting.blogspot.com)
• Peteris Krumins publishes 30 projects on github (catonmat.net)
• cope, a command-line program colorizer in Perl (stuff.cytzol.org)
• The Perl way of avoiding repeated code: (blogs.perl.org)

These links are collected from the Perlbuzz Twitter feed. If you have suggestions for news bits, please mail me at andy@perlbuzz.com.

• Pod::Simple 3.09 hits the CPAN (justatheory.com)
• Strawberry Perl and the nightmare of installing Padre (use.perl.org)
• A busy month for masak in Perl 6 (use.perl.org)
• A productive week in Rakudo-land (use.perl.org)
• Perl one-liners explained part III: Calculations (catonmat.net)
• Handy one-liner to lowercase all filenames in a directory: ls | perl -lne'$x=lc;print qq{mv $_ $x}' | sh -x
• Use CPAN's toolchain to improve your code (use.perl.org)
• Future Perl snuck up on me (headrattle.blogspot.com)
• Find the stupid bug in my progress indicator: say "$n so far" if ( $n % 100000 )";
• I maeked u a shell: lolshell, written in Perl 6 (theintersect.org)
• The horrible bug your command line Perl program probably has (perlbuzz.com)
• Frozen Perl 2010 looking for speakers (news.perlfoundation.org)
• apache2rest is a new framework for REST APIs under mod_perl2 (code.google.com)
• Putting MySQL on a ramdisk to speed up tests (use.perl.org)
• Generating Feedburner graphs (catonmat.net)

Most programmers know you have to check return values from system
functions. Unless you're just starting out as a programmer, you
know that this is bad:

open( my $fh, '<', 'something.txt' );
while ( my $line = <$fh> ) {
    # do something with the input
}

If that open fails the program continues on. The call to
readline will fail, return undef as if we're at
the end of the file, and the user will be none the wiser. If you
have use warnings on, you'll get a "readline() on closed
filehandle", but that's not much help when you should be dying.

Instead, you should be opening your file like this:

my $filename = 'something.txt';
open( my $fh, '<', $filename ) or die "Can't open $filename: $!";

This way, your user gets a useful error message if something goes
wrong, but more importantly, the program doesn't continue as if
nothing is wrong, potentially doing what it should not.

GetOptions needs checking, too

Unfortunately, I see programs where otherwise-sensible programmers
ignore the return code of GetOptions.

use Getopt::Long;
GetOptions(
    'n=i' => \my $count,
);
# Do something that uses $count
print "Processing complete!\n";

There are any number of ways the user can call this program incorrectly:

$ perl foo -n
Option n requires an argument
Processing complete!

$ perl foo -n=five
Value "five" invalid for option n (number expected)
Processing complete!

$ perl foo -m=12
Unknown option: m
Processing complete!

In all three of these cases, the user made a mistake, but the program
lets it slide without a mention. The user's going to be disappointed
with the results.

The solution is simple: Always check the results of GetOptions().
The easiest way is to task && exit(1) after the call:

use Getopt::Long;
GetOptions(
    'n=i' => \my $count,
) or exit(1);

It's simple, effective, and prevents unexpected sorrow.