Cognitive Complexity

Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

A method's cognitive complexity is based on a few simple rules:

• Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
• Code is considered more complex for each "break in the linear flow of the code"
• Code is considered more complex when "flow breaking structures are nested"

Further reading

• Cognitive Complexity docs
• Cognitive Complexity: A new way of measuring understandability

CyclomaticComplexity

Since: 0.1

Complexity is determined by the number of decision points in a method plus one for the method entry. The decision points are 'if', 'while', 'for', and 'case labels'. Generally, 1-4 is low complexity, 5-7 indicates moderate complexity, 8-10 is high complexity, and 11+ is very high complexity.

Example

// Cyclomatic Complexity = 11
class Foo {
1   public function example() {
2       if ($a == $b) {
3           if ($a1 == $b1) {
                fiddle();
4           } elseif ($a2 == $b2) {
                fiddle();
            } else {
                fiddle();
            }
5       } elseif ($c == $d) {
6           while ($c == $d) {
                fiddle();
            }
7        } elseif ($e == $f) {
8           for ($n = 0; $n < $h; $n++) {
                fiddle();
            }
        } else {
            switch ($z) {
9               case 1:
                    fiddle();
                    break;
10              case 2:
                    fiddle();
                    break;
11              case 3:
                    fiddle();
                    break;
                default:
                    fiddle();
                    break;
            }
        }
    }
}

Source https://phpmd.org/rules/codesize.html#cyclomaticcomplexity

Cognitive Complexity is a measure of how hard the control flow of a function is to understand. Functions with high Cognitive Complexity will be difficult to maintain.

See

• Cognitive Complexity

MissingImport

Since: 2.7.0

Importing all external classes in a file through use statements makes them clearly visible.

Example

function make() {
    return new \stdClass();
}

Source http://phpmd.org/rules/cleancode.html#MissingImport

MissingImport

Since: 2.7.0

Importing all external classes in a file through use statements makes them clearly visible.

Example

function make() {
    return new \stdClass();
}

Source http://phpmd.org/rules/cleancode.html#MissingImport

MissingImport

Since: 2.7.0

Importing all external classes in a file through use statements makes them clearly visible.

Example

function make() {
    return new \stdClass();
}

Source http://phpmd.org/rules/cleancode.html#MissingImport

MissingImport

Since: 2.7.0

Importing all external classes in a file through use statements makes them clearly visible.

Example

function make() {
    return new \stdClass();
}

Source http://phpmd.org/rules/cleancode.html#MissingImport

MissingImport

Since: 2.7.0

Importing all external classes in a file through use statements makes them clearly visible.

Example

function make() {
    return new \stdClass();
}

Source http://phpmd.org/rules/cleancode.html#MissingImport

MissingImport

Since: 2.7.0

Importing all external classes in a file through use statements makes them clearly visible.

Example

function make() {
    return new \stdClass();
}

Source http://phpmd.org/rules/cleancode.html#MissingImport

IfStatementAssignment

Since: 2.7.0

Assignments in if clauses and the like are considered a code smell. Assignments in PHP return the right operand as their result. In many cases, this is an expected behavior, but can lead to many difficult to spot bugs, especially when the right operand could result in zero, null or an empty string and the like.

Example

class Foo
{
    public function bar($flag)
    {
        if ($foo = 'bar') { // possible typo
            // ...
        }
        if ($baz = 0) { // always false
            // ...
        }
    }
}

Source http://phpmd.org/rules/cleancode.html#ifstatementassignment

Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.

On the other hand, constants can be referenced from many places, but only need to be updated in a single place.

Noncompliant Code Example

With the default threshold of 3:

function run() {
  prepare('action1');                              // Non-Compliant - 'action1' is duplicated 3 times
  execute('action1');
  release('action1');
}

Compliant Solution

ACTION_1 = 'action1';

function run() {
  prepare(ACTION_1);
  execute(ACTION_1);
  release(ACTION_1);
}

Exceptions

To prevent generating some false-positives, literals having less than 5 characters are excluded.

Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.

On the other hand, constants can be referenced from many places, but only need to be updated in a single place.

Noncompliant Code Example

With the default threshold of 3:

function run() {
  prepare('action1');                              // Non-Compliant - 'action1' is duplicated 3 times
  execute('action1');
  release('action1');
}

Compliant Solution

ACTION_1 = 'action1';

function run() {
  prepare(ACTION_1);
  execute(ACTION_1);
  release(ACTION_1);
}

Exceptions

To prevent generating some false-positives, literals having less than 5 characters are excluded.

Jump statements (return, break, continue, and goto) and throw expressions move control flow out of the current code block. Typically, any statements in a block that come after a jump or throw are simply wasted keystrokes lying in wait to confuse the unwary.

Rarely, as illustrated below, code after a jump or throw is reachable. However, such code is difficult to understand, and should be refactored.

Noncompliant Code Example

function fun($a) {
  $i = 10;
  return $i + $a;
  $i++;             // this is never executed
}

function foo($a) {
  if ($a == 5) {
    goto error;
  } else {
    // do the job
  }
  return;

  error:
    printf("don't use 5"); // this is reachable but unreadable

}

Compliant Solution

function fun($a) {
  $i = 10;
  return $i + $a;
}

function foo($a) {
  if ($a == 5) {
    handleError();
  } else {
    // do the job
  }
  return;
}

See

• MISRA C:2004, 14.1 - There shall be no unreachable code
• MISRA C++:2008, 0-1-1 - A project shall not contain unreachable code
• MISRA C++:2008, 0-1-9 - There shall be no dead code
• MISRA C:2012, 2.1 - A project shall not contain unreachable code
• MISRA C:2012, 2.2 - There shall be no dead code
• MITRE, CWE-561 - Dead Code
• CERT, MSC56-J. - Detect and remove superfluous code and values
• CERT, MSC12-C. - Detect and remove code that has no effect or is never executed
• CERT, MSC07-CPP. - Detect and remove dead code

Jump statements (return, break, continue, and goto) and throw expressions move control flow out of the current code block. Typically, any statements in a block that come after a jump or throw are simply wasted keystrokes lying in wait to confuse the unwary.

Rarely, as illustrated below, code after a jump or throw is reachable. However, such code is difficult to understand, and should be refactored.

Noncompliant Code Example

function fun($a) {
  $i = 10;
  return $i + $a;
  $i++;             // this is never executed
}

function foo($a) {
  if ($a == 5) {
    goto error;
  } else {
    // do the job
  }
  return;

  error:
    printf("don't use 5"); // this is reachable but unreadable

}

Compliant Solution

function fun($a) {
  $i = 10;
  return $i + $a;
}

function foo($a) {
  if ($a == 5) {
    handleError();
  } else {
    // do the job
  }
  return;
}

See

• MISRA C:2004, 14.1 - There shall be no unreachable code
• MISRA C++:2008, 0-1-1 - A project shall not contain unreachable code
• MISRA C++:2008, 0-1-9 - There shall be no dead code
• MISRA C:2012, 2.1 - A project shall not contain unreachable code
• MISRA C:2012, 2.2 - There shall be no dead code
• MITRE, CWE-561 - Dead Code
• CERT, MSC56-J. - Detect and remove superfluous code and values
• CERT, MSC12-C. - Detect and remove code that has no effect or is never executed
• CERT, MSC07-CPP. - Detect and remove dead code

ShortVariable

Since: 0.2

Detects when a field, local, or parameter has a very short name.

Example

class Something {
    private $q = 15; // VIOLATION - Field
    public static function main( array $as ) { // VIOLATION - Formal
        $r = 20 + $this->q; // VIOLATION - Local
        for (int $i = 0; $i < 10; $i++) { // Not a Violation (inside FOR)
            $r += $this->q;
        }
    }
}

Source https://phpmd.org/rules/naming.html#shortvariable