NAME

Perl::Critic - Critique Perl source for style and standards

SYNOPSIS

  use Perl::Critic;

  #Create Critic and load Policies from default config file
  $critic = Perl::Critic->new();

  #Create Critic and load only the most important Polices
  $critic = Perl::Critic->new(-priority => 1);

  #Create Critic and load Policies from specific config file
  $critic = Perl::Critic->new(-profile => $file);

  #Create Critic and load Policy by hand
  $critic = Perl::Critic->new(-profile => '');
  $critic->add_policy('MyPolicyModule');

  #Analyze code for policy violations
  @violations = $critic->critique($source_code);

DESCRIPTION

Perl::Critic is an extensible framework for creating and applying coding standards to Perl source code. Essentially, it is a static source code analysis engine. Perl::Critic is distributed with a number of Perl::Critic::Policy modules that attempt to enforce the guidelines in Damian Conway's book Perl Best Practices. You can choose and customize those Polices through the Perl::Critic interface. You can also create new Policy modules that suit your own tastes.

For a convenient command-line interface to Perl::Critic, see the documentation for perlcritic. If you want to integrate Perl::Critic with your build process, Test::Perl::Critic provides a nice interface that is suitable for test scripts.

CONSTRUCTOR

new( [ -profile => $FILE, -priority => $N, -force => 1 ] )

Returns a reference to a Perl::Critic object. All arguments are optional key-value pairs, described as follows:

-profile is the path to a configuration file that dictates which policies should be loaded into the Perl::Critic engine and how to configure each one. If $FILE is not defined, Perl::Critic attempts to find a .perlcriticrc configuration file in several different places. If a configuration file can't be found, or if $FILE is an empty string, then Perl::Critic reverts to its factory setup and all Policy modules that are distributed with Perl::Critic will be loaded. See "CONFIGURATION" for more information.

-priority is the maximum priority value of Policies that should be loaded. 1 is the "highest" priority, and all numbers larger than 1 have "lower" priority. Only Policies that have been configured with a priority value less than or equal to $N will be loaded into the engine. For a given -profile, increasing $N will result in more violations. The default -priority is 1. See "CONFIGURATION" for more information.

-force controls whether Perl::Critic observes the magical "no critic" pseudo-pragmas in your code. If set to a true value, Perl::Critic will analyze all code. If set to a false value (which is the default) Perl::Critic will overlook code that is tagged with these comments. See "BENDING THE RULES" for more information.

METHODS

add_policy( -policy => $STRING [, -config => \%HASH ] )

Loads a Policy into this Critic engine. The engine will attmept to require the module named by $STRING and instantiate it. If the module fails to load or cannot be instantiated, it will throw a warning and return a false value. Otherwise, it returns a reference to this Critic engine.

-policy is the name of a Perl::Critic::Policy subclass module. The 'Perl::Critic::Policy' portion of the name can be omitted for brevity. This argument is required.

-config is an optional reference to a hash of Policy configuration parameters. The contents of this hash reference will be passed into to the constructor of the Policy module. See the documentation in the relevant Policy module for a description of the arguments it supports.

critique( $source_code )

Runs the $source_code through the Perl::Critic engine using all the policies that have been loaded into this engine. If $source_code is a scalar reference, then it is treated as string of actual Perl code. Otherwise, it is treated as a path to a file containing Perl code. Returns a list of Perl::Critic::Violation objects for each violation of the loaded Policies. The list is sorted in the order that the Violations appear in the code. If there are no violations, returns an empty list.

policies( void )

Returns a list containing references to all the Policy objects that have been loaded into this engine. Objects will be in the order that they were loaded.

CONFIGURATION

The default configuration file is called .perlcriticrc. Perl::Critic will look for this file in the current directory first, and then in your home directory. Alternatively, you can set the PERLCRITIC environment variable to explicitly point to a different configuration file in another location. If none of these files exist, and the -profile option is not given to the constructor, Perl::Critic defaults to its factory setup, which means that all the policies that are distributed with Perl::Critic will be loaded.

The format of the configuration file is a series of named sections that contain key-value pairs separated by '='. Comments should start with '#' and can be placed on a separate line or after the name-value pairs if you desire. The general recipe is a series of blocks like this:

    [Perl::Critic::Policy::Category::PolicyName]
    priority = 1
    arg1 = value1
    arg2 = value2

Perl::Critic::Policy::Category::PolicyName is the full name of a module that implements the policy. The Policy modules distributed with Perl::Critic have been grouped into categories according to the table of contents in Damian Conway's book Perl Best Practices. For brevity, you can ommit the 'Perl::Critic::Policy' part of the module name. The module must be a subclass of Perl::Critic::Policy.

priority is the level of importance you wish to assign to this policy. 1 is the "highest" priority level, and all numbers greater than 1 have increasingly "lower" priority. Only those policies with a priority less than or equal to the -priority value given to the Perl::Critic constructor will be loaded. The priority can be an arbitrarily large positive integer. If the priority is not defined, it defaults to 1.

The remaining key-value pairs are configuration parameters for that specific Policy and will be passed into the constructor of the Perl::Critic::Policy subclass. The constructors for most Policy modules do not support arguments, and those that do should have reasonable defaults. See the documentation on the appropriate Policy module for more details.

By default, all the policies that are distributed with Perl::Critic are loaded. Rather than assign a priority level to a Policy, you can simply "turn off" a Policy by prepending a '-' to the name of the module in the config file. In this manner, the Policy will never be loaded, regardless of the -priority given to the Perl::Critic constructor.

A simple configuration might look like this:

    #--------------------------------------------------------------
    # These are really important, so always load them

    [TestingAndDebugging::RequirePackageStricture]
    priority = 1

    [TestingAndDebugging::RequirePackageWarnings]
    priority = 1

    #--------------------------------------------------------------
    # These are less important, so only load when asked

    [Variables::ProhibitPackageVars]
    priority = 2

    [ControlStructures::ProhibitPostfixControls]
    priority = 2

    #--------------------------------------------------------------
    # I do not agree with these, so never load them

    [-NamingConventions::ProhibitMixedCaseVars]
    [-NamingConventions::ProhibitMixedCaseSubs]

THE POLICIES

The following Policy modules are distributed with Perl::Critic. The Policy modules have been categorized according to the table of contents in Damian Conway's book Perl Best Practices. Since most coding standards take the form "do this..." or "don't do that...", I have adopted the convention of naming each module RequireSomething or ProhibitSomething. See the documentation of each module for it's specific details.

Perl::Critic::Policy::BuiltinFunctions::ProhibitStringyEval

Write eval { my $foo; bar($foo) } instead of eval "my $foo; bar($foo);"

Perl::Critic::Policy::BuiltinFunctions::RequireBlockGrep

Write grep { $_ =~ /$pattern/ } @list instead of grep /$pattern/, @list

Perl::Critic::Policy::BuiltinFunctions::RequireBlockMap

Write map { $_ =~ /$pattern/ } @list instead of map /$pattern/, @list

Perl::Critic::Policy::BuiltinFunctions::RequireGlobFunction

Use glob q{*} instead of <*>

Perl::Critic::Policy::CodeLayout::ProhibitHardTabs

Use spaces instead of tabs

Perl::Critic::Policy::CodeLayout::ProhibitParensWithBuiltins

Write open $handle, $path instead of open($handle, $path)

Perl::Critic::Policy::CodeLayout::RequireTidyCode

Must run code through perltidy

Perl::Critic::Policy::ControlStructures::ProhibitCascadingIfElse

Don't write long "if-elsif-elsif-elsif-elsif...else" chains

Perl::Critic::Policy::ControlStructures::ProhibitCStyleForLoops

Write for(0..20) instead of for($i=0; $i<=20; $i++)

Perl::Critic::Policy::ControlStructures::ProhibitPostfixControls

Write if($condition){ do_something() } instead of do_something() if $condition

Perl::Critic::Policy::ControlStructures::ProhibitUnlessBlocks

Write if(! $condition) instead of unless($condition)

Perl::Critic::Policy::ControlStructures::ProhibitUntilBlocks

Write while(! $condition) instead of until($condition)

Perl::Critic::Policy::InputOutput::ProhibitBacktickOperators

Discourage stuff like @files = `ls $directory`

Perl::Critic::Policy::Modules::ProhibitMultiplePackages

Put packages (especially subclasses) in separate files

Perl::Critic::Policy::Modules::ProhibitRequireStatements

Write use Module instead of require 'Module.pm'

Perl::Critic::Policy::Modules::ProhibitSpecificModules

Don't use evil modules

Perl::Critic::Policy::Modules::ProhibitUnpackagedCode

Always make the package explicit

Perl::Critic::Policy::NamingConventions::ProhibitMixedCaseSubs

Write sub my_function{} instead of sub MyFunction{}

Perl::Critic::Policy::NamingConventions::ProhibitMixedCaseVars

Write $my_variable = 42 instead of $MyVariable = 42

Perl::Critic::Policy::Subroutines::ProhibitBuiltinHomonyms

Don't declare your own open function.

Perl::Critic::Policy::Subroutines::ProhibitExplicitReturnUndef

Return failure with bare return instead of return undef

Perl::Critic::Policy::Subroutines::ProhibitSubroutinePrototypes

Don't write sub my_function (@@) {}

Perl::Critic::Policy::TestingAndDebugging::RequirePackageStricture

Always use strict

Perl::Critic::Policy::TestingAndDebugging::RequirePackageWarnings

Always use warnings

Perl::Critic::Policy::ValuesAndExpressions::ProhibitConstantPragma

Don't use constant $FOO = 15>

Perl::Critic::Policy::ValuesAndExpressions::ProhibitEmptyQuotes

Write q{} instead of ''

Perl::Critic::Policy::ValuesAndExpressions::ProhibitInterpolationOfLiterals

Always use single quotes for literal strings.

Perl::Critic::Policy::ValuesAndExpressions::ProhibitLeadingZeros

Write oct(755) instead of 0755

Perl::Critic::Policy::ValuesAndExpressions::ProhibitNoisyQuotes

Use q{} or qq{} instead of quotes for awkward-looking strings

Perl::Critic::Policy::ValuesAndExpressions::RequireInterpolationOfMetachars

Warns that you might have used single quotes when you really wanted double-quotes.

Perl::Critic::Policy::ValuesAndExpressions::RequireNumberSeparators

Write 141_234_397.0145 instead of 141234397.0145

Perl::Critic::Policy::ValuesAndExpressions::RequireQuotedHeredocTerminator

Write print <<'THE_END' or print <<"THE_END"

Perl::Critic::Policy::ValuesAndExpressions::RequireUpperCaseHeredocTerminator

Perl::Critic::Policy::Variables::ProhibitLocalVars

Use my instead of local, except when you have to.

Perl::Critic::Policy::Variables::ProhibitPackageVars

Eliminate globals declared with our or use vars

Perl::Critic::Policy::Variables::ProhibitPunctuationVars

Write $EVAL_ERROR instead of $@

BENDING THE RULES

NOTE: This feature changed in version 0.12 and is not backward compatible with earlier versions.

Perl::Critic takes a hard-line approach to your code: either you comply or you don't. In the real world, it is not always practical (or even possible) to fully comply with coding standards. In such cases, it is wise to show that you are knowlingly violating the standards and that you have a Damn Good Reason (DGR) for doing so.

To help with those situations, you can direct Perl::Critic to ignore certain lines or blocks of code by using pseudo-pragmas:

    require 'LegacyLibaray1.pl';  ## no critic
    require 'LegacyLibrary2.pl';  ## no critic

    for my $element (@list) {

        ## no critic

        $foo = "";               #Violates 'ProhibitEmptyQuotes'
        $barf = bar() if $foo;   #Violates 'ProhibitPostfixControls'
        #Some more evil code...

        ## use critic

        #Some good code...
        do_something($_);
    }

The "## no critic" comments direct Perl::Critic to overlook the remaining lines of code until the end of the current block, or until a "## use critic" comment is found (whichever comes first). If the "## no critic" comment is on the same line as a code statement, then only that line of code is overlooked. To direct perlcritic to ignore the "## no critic" comments, use the -force option.

Use this feature wisely. "## no critic" should be used in the smallest possible scope, or only on individual lines of code. If Perl::Critic complains about your code, try and find a compliant solution before resorting to this feature.

EXTENDING THE CRITIC

The modular design of Perl::Critic is intended to facilitate the addition of new Policies. To create a new Policy, make a subclass of Perl::Critic::Policy and override the violations() method. Your module should go somewhere in the Perl::Critic::Policy namespace. To use the new Policy, just add it to your .perlcriticrc file. You'll need to have some understanding of PPI, but most Policy modules are pretty straightforward and only require about 20 lines of code.

If you develop any new Policy modules, feel free to send them to <thaljef@cpan.org> and I'll be happy to put them into the Perl::Critic distribution.

IMPORTANT CHANGES

As new Policy modules were added to Perl::Critic, the overall performance started to deteriorate rapidily. Since each module would traverse the document (several times for some modules), a lot of time was spent iterating over the same document nodes. So starting in version 0.11, I have switched to a stream-based approach where the document is traversed once and every Policy module is tested at each node. The result is roughly 300% a improvement. Unfortunately, Policy modules prior to version 0.11 won't be compatible. Hopefully, few people have started creating their own Policy modules. Converting them to the stream-based model is fairly easy, and actually reqults in somewhat cleaner code. Look at the ControlStrucutres::* modules for some examples.

BUGS

Scrutinizing Perl code is hard for humans, let alone machines. If you find any bugs, particularly false-positives or false-negatives from a Perl::Critic::Policy, please submit them to http://rt.cpan.org/NoAuth/Bugs.html?Dist=Perl-Critic. Thanks.

CREDITS

Adam Kennedy - For creating PPI, the heart and soul of Perl::Critic.

Damian Conway - For writing Perl Best Practices

Giuseppe Maxia - For all the great ideas and enhancements.

Sharon, my wife - For putting up with my all-night code sessions

AUTHOR

Jeffrey Ryan Thalhammer <thaljef@cpan.org>

COPYRIGHT

Copyright (c) 2005 Jeffrey Ryan Thalhammer. All rights reserved.

This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself. The full text of this license can be found in the LICENSE file included with this module.

cpanm Perl::Critic

perl -MCPAN -e shell
install Perl::Critic