Showing 220 of 220 total issues
Avoid too many return
statements within this method. Open
return response()->json(null, 400);
Function callback
has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring. Open
public function callback(Request $request)
{
// get back pending OAuth credentials validation from session
$oauthCredentials = session()->get('warlof.slackbot.credentials');
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Function checkCacheDirectory
has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring. Open
private function checkCacheDirectory() : bool
{
if (!is_dir($this->cache_path) && !@mkdir($this->cache_path, 0775, true))
throw new CachePathException('Unable to create cache directory ' . $this->cache_path);
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Function __construct
has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring. Open
public function __construct(array $data = null) {
if (!is_null($data)) {
foreach ($data as $key => $value) {
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Function handle
has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring. Open
public function handle() {
logger()->debug('Slack Receptionist - Starting job...');
// resetting cache before queuing jobs
- Read upRead up
Cognitive Complexity
Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.
A method's cognitive complexity is based on a few simple rules:
- Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
- Code is considered more complex for each "break in the linear flow of the code"
- Code is considered more complex when "flow breaking structures are nested"
Further reading
Define a constant instead of duplicating this literal "role_id" 3 times. Open
$channelRole = SlackChannelRole::where('role_id', $role_id)
- Read upRead up
- Exclude checks
Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.
On the other hand, constants can be referenced from many places, but only need to be updated in a single place.
Noncompliant Code Example
With the default threshold of 3:
function run() { prepare('action1'); // Non-Compliant - 'action1' is duplicated 3 times execute('action1'); release('action1'); }
Compliant Solution
ACTION_1 = 'action1'; function run() { prepare(ACTION_1); execute(ACTION_1); release(ACTION_1); }
Exceptions
To prevent generating some false-positives, literals having less than 5 characters are excluded.
Define a constant instead of duplicating this literal "im:read" 3 times. Open
'/conversations.info' => ['channels:read', 'groups:read', 'im:read', 'mpim:read', 'read'],
- Read upRead up
- Exclude checks
Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.
On the other hand, constants can be referenced from many places, but only need to be updated in a single place.
Noncompliant Code Example
With the default threshold of 3:
function run() { prepare('action1'); // Non-Compliant - 'action1' is duplicated 3 times execute('action1'); release('action1'); }
Compliant Solution
ACTION_1 = 'action1'; function run() { prepare(ACTION_1); execute(ACTION_1); release(ACTION_1); }
Exceptions
To prevent generating some false-positives, literals having less than 5 characters are excluded.
Define a constant instead of duplicating this literal "channels:write" 3 times. Open
'/conversations.invite' => ['channels:write', 'groups:write', 'im:write', 'mpim:write', 'post'],
- Read upRead up
- Exclude checks
Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.
On the other hand, constants can be referenced from many places, but only need to be updated in a single place.
Noncompliant Code Example
With the default threshold of 3:
function run() { prepare('action1'); // Non-Compliant - 'action1' is duplicated 3 times execute('action1'); release('action1'); }
Compliant Solution
ACTION_1 = 'action1'; function run() { prepare(ACTION_1); execute(ACTION_1); release(ACTION_1); }
Exceptions
To prevent generating some false-positives, literals having less than 5 characters are excluded.
Add curly braces around the nested statement(s). Open
if ($this->expires()->lte(
- Read upRead up
- Exclude checks
While not technically incorrect, the omission of curly braces can be misleading, and may lead to the introduction of errors during maintenance.
Noncompliant Code Example
if (condition) // Noncompliant executeSomething();
Compliant Solution
if (condition) { executeSomething(); }
See
- MISRA C:2004, 14.8 - The statement forming the body of a switch, while, do ... while or for statement shall be a compound statement
- MISRA C:2004, 14.9 - An if (expression) construct shall be followed by a compound statement. The else keyword shall be followed by either a compound statement, or another if statement
- MISRA C++:2008, 6-3-1 - The statement forming the body of a switch, while, do ... while or for statement shall be a compound statement
- MISRA C++:2008, 6-4-1 - An if (condition) construct shall be followed by a compound statement. The else keyword shall be followed by either a compound statement, or another if statement
- MISRA C:2012, 15.6 - The body of an iteration-statement or a selection-statement shall be a compound-statement
- CERT, EXP19-C. - Use braces for the body of an if, for, or while statement
- CERT, EXP52-J. - Use braces for the body of an if, for, or while statement
Refactor this function to reduce its Cognitive Complexity from 17 to the 15 allowed. Open
private function httpRequest(string $method, string $uri, array $headers = [], array $body = []) : SlackResponse
- Read upRead up
- Exclude checks
Cognitive Complexity is a measure of how hard the control flow of a function is to understand. Functions with high Cognitive Complexity will be difficult to maintain.
See
Rename "$tags" which has the same name as the field declared at line 38. Open
$tags = ['slackbot'];
- Read upRead up
- Exclude checks
Shadowing fields with a local variable is a bad practice that reduces code readability: it makes it confusing to know whether the field or the variable is being used.
Noncompliant Code Example
class Foo { public $myField; public function doSomething() { $myField = 0; ... } }
See
- CERT, DCL51-J. - Do not shadow or obscure identifiers in subscopes
Define a constant instead of duplicating this literal "bouncer:slackbot.security" 4 times. Open
'middleware' => 'bouncer:slackbot.security',
- Read upRead up
- Exclude checks
Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.
On the other hand, constants can be referenced from many places, but only need to be updated in a single place.
Noncompliant Code Example
With the default threshold of 3:
function run() { prepare('action1'); // Non-Compliant - 'action1' is duplicated 3 times execute('action1'); release('action1'); }
Compliant Solution
ACTION_1 = 'action1'; function run() { prepare(ACTION_1); execute(ACTION_1); release(ACTION_1); }
Exceptions
To prevent generating some false-positives, literals having less than 5 characters are excluded.
Define and throw a dedicated exception instead of using a generic one. Open
throw new Exception($result['error']);
- Read upRead up
- Exclude checks
If you throw a general exception type, such as ErrorException, RuntimeException, or Exception in a library or framework, it forces consumers to catch all exceptions, including unknown exceptions that they do not know how to handle.
Instead, either throw a subtype that already exists in the Standard PHP Library, or create your own type that derives from Exception.
Noncompliant Code Example
throw new Exception(); // Noncompliant
Compliant Solution
throw new InvalidArgumentException(); // or throw new UnexpectedValueException();
See
- MITRE, CWE-397 - Declaration of Throws for Generic Exception
- CERT, ERR07-J. - Do not throw RuntimeException, Exception, or Throwable
Define a constant instead of duplicating this literal "token" 4 times. Open
'token' => 'required|string',
- Read upRead up
- Exclude checks
Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.
On the other hand, constants can be referenced from many places, but only need to be updated in a single place.
Noncompliant Code Example
With the default threshold of 3:
function run() { prepare('action1'); // Non-Compliant - 'action1' is duplicated 3 times execute('action1'); release('action1'); }
Compliant Solution
ACTION_1 = 'action1'; function run() { prepare(ACTION_1); execute(ACTION_1); release(ACTION_1); }
Exceptions
To prevent generating some false-positives, literals having less than 5 characters are excluded.
Add a "case default" clause to this "switch" statement. Open
switch ($request->input('type')) {
- Read upRead up
- Exclude checks
The requirement for a final case default
clause is defensive programming. The clause should either take appropriate action, or contain
a suitable comment as to why no action is taken. Even when the switch
covers all current values of an enum
, a default case
should still be used because there is no guarantee that the enum
won't be extended.
Noncompliant Code Example
switch ($param) { //missing default clause case 0: do_something(); break; case 1: do_something_else(); break; } switch ($param) { default: // default clause should be the last one error(); break; case 0: do_something(); break; case 1: do_something_else(); break; }
Compliant Solution
switch ($param) { case 0: do_something(); break; case 1: do_something_else(); break; default: error(); break; }
See
- MISRA C:2004, 15.0 - The MISRA C switch syntax shall be used.
- MISRA C:2004, 15.3 - The final clause of a switch statement shall be the default clause
- MISRA C++:2008, 6-4-3 - A switch statement shall be a well-formed switch statement.
- MISRA C++:2008, 6-4-6 - The final clause of a switch statement shall be the default-clause
- MISRA C:2012, 16.1 - All switch statements shall be well-formed
- MISRA C:2012, 16.4 - Every switch statement shall have a default label
- MISRA C:2012, 16.5 - A default label shall appear as either the first or the last switch label of a switch statement
- MITRE, CWE-478 - Missing Default Case in Switch Statement
- CERT, MSC01-C. - Strive for logical completeness
- CERT, MSC01-CPP. - Strive for logical completeness
Remove this unused "$conversationEvents" private field. Open
private $conversationEvents = [
- Read upRead up
- Exclude checks
If a private
field is declared but not used in the program, it can be considered dead code and should therefore be removed. This will
improve maintainability because developers will not wonder what the variable is used for.
Noncompliant Code Example
class MyClass { private $foo = 4; //foo is unused public function compute($a) { return $a * 4; } }
Compliant Solution
class MyClass { public function compute($a) { return $a * 4; } }
See
- CERT, MSC12-CPP. - Detect and remove code that has no effect
Add curly braces around the nested statement(s). Open
if ($channel = SlackChannel::find($channelId))
- Read upRead up
- Exclude checks
While not technically incorrect, the omission of curly braces can be misleading, and may lead to the introduction of errors during maintenance.
Noncompliant Code Example
if (condition) // Noncompliant executeSomething();
Compliant Solution
if (condition) { executeSomething(); }
See
- MISRA C:2004, 14.8 - The statement forming the body of a switch, while, do ... while or for statement shall be a compound statement
- MISRA C:2004, 14.9 - An if (expression) construct shall be followed by a compound statement. The else keyword shall be followed by either a compound statement, or another if statement
- MISRA C++:2008, 6-3-1 - The statement forming the body of a switch, while, do ... while or for statement shall be a compound statement
- MISRA C++:2008, 6-4-1 - An if (condition) construct shall be followed by a compound statement. The else keyword shall be followed by either a compound statement, or another if statement
- MISRA C:2012, 15.6 - The body of an iteration-statement or a selection-statement shall be a compound-statement
- CERT, EXP19-C. - Use braces for the body of an if, for, or while statement
- CERT, EXP52-J. - Use braces for the body of an if, for, or while statement
Define a constant instead of duplicating this literal "members" 3 times. Open
$response = Cache::tags(['conversations', 'members'])->get($this->getConnector()->buildDataUri('/conversations.members'));
- Read upRead up
- Exclude checks
Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.
On the other hand, constants can be referenced from many places, but only need to be updated in a single place.
Noncompliant Code Example
With the default threshold of 3:
function run() { prepare('action1'); // Non-Compliant - 'action1' is duplicated 3 times execute('action1'); release('action1'); }
Compliant Solution
ACTION_1 = 'action1'; function run() { prepare(ACTION_1); execute(ACTION_1); release(ACTION_1); }
Exceptions
To prevent generating some false-positives, literals having less than 5 characters are excluded.
Add curly braces around the nested statement(s). Open
if (property_exists($data, 'errors'))
- Read upRead up
- Exclude checks
While not technically incorrect, the omission of curly braces can be misleading, and may lead to the introduction of errors during maintenance.
Noncompliant Code Example
if (condition) // Noncompliant executeSomething();
Compliant Solution
if (condition) { executeSomething(); }
See
- MISRA C:2004, 14.8 - The statement forming the body of a switch, while, do ... while or for statement shall be a compound statement
- MISRA C:2004, 14.9 - An if (expression) construct shall be followed by a compound statement. The else keyword shall be followed by either a compound statement, or another if statement
- MISRA C++:2008, 6-3-1 - The statement forming the body of a switch, while, do ... while or for statement shall be a compound statement
- MISRA C++:2008, 6-4-1 - An if (condition) construct shall be followed by a compound statement. The else keyword shall be followed by either a compound statement, or another if statement
- MISRA C:2012, 15.6 - The body of an iteration-statement or a selection-statement shall be a compound-statement
- CERT, EXP19-C. - Use braces for the body of an if, for, or while statement
- CERT, EXP52-J. - Use braces for the body of an if, for, or while statement
Add curly braces around the nested statement(s). Open
if ($this->getAuthentication())
- Read upRead up
- Exclude checks
While not technically incorrect, the omission of curly braces can be misleading, and may lead to the introduction of errors during maintenance.
Noncompliant Code Example
if (condition) // Noncompliant executeSomething();
Compliant Solution
if (condition) { executeSomething(); }
See
- MISRA C:2004, 14.8 - The statement forming the body of a switch, while, do ... while or for statement shall be a compound statement
- MISRA C:2004, 14.9 - An if (expression) construct shall be followed by a compound statement. The else keyword shall be followed by either a compound statement, or another if statement
- MISRA C++:2008, 6-3-1 - The statement forming the body of a switch, while, do ... while or for statement shall be a compound statement
- MISRA C++:2008, 6-4-1 - An if (condition) construct shall be followed by a compound statement. The else keyword shall be followed by either a compound statement, or another if statement
- MISRA C:2012, 15.6 - The body of an iteration-statement or a selection-statement shall be a compound-statement
- CERT, EXP19-C. - Use braces for the body of an if, for, or while statement
- CERT, EXP52-J. - Use braces for the body of an if, for, or while statement