Sign upLogin

warlof/slackbot

View on GitHub
Star

Showing 220 of 220 total issues

Avoid too many return statements within this method.
Open

                    return response()->json(null, 400);
Severity: Major
Found in src/Http/Controllers/Services/EventController.php - About 30 mins to fix

    Function callback has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
    Open

        public function callback(Request $request)
    {
        // get back pending OAuth credentials validation from session
        $oauthCredentials = session()->get('warlof.slackbot.credentials');
    Severity: Minor
    Found in src/Http/Controllers/Services/OAuthController.php - About 25 mins to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Function checkCacheDirectory has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
    Open

        private function checkCacheDirectory() : bool
    {
        if (!is_dir($this->cache_path) && !@mkdir($this->cache_path, 0775, true))
            throw new CachePathException('Unable to create cache directory ' . $this->cache_path);
    Severity: Minor
    Found in src/Repositories/Slack/Cache/FileCache.php - About 25 mins to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Function __construct has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
    Open

        public function __construct(array $data = null) {

        if (!is_null($data)) {

            foreach ($data as $key => $value) {
    Severity: Minor
    Found in src/Repositories/Slack/Containers/Traits/ConstructsContainers.php - About 25 mins to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Function handle has a Cognitive Complexity of 6 (exceeds 5 allowed). Consider refactoring.
    Open

        public function handle() {

        logger()->debug('Slack Receptionist - Starting job...');

        // resetting cache before queuing jobs
    Severity: Minor
    Found in src/Jobs/ConversationDispatcher.php - About 25 mins to fix

    Cognitive Complexity

    Cognitive Complexity is a measure of how difficult a unit of code is to intuitively understand. Unlike Cyclomatic Complexity, which determines how difficult your code will be to test, Cognitive Complexity tells you how difficult your code will be to read and comprehend.

    A method's cognitive complexity is based on a few simple rules:

    • Code is not considered more complex when it uses shorthand that the language provides for collapsing multiple statements into one
    • Code is considered more complex for each "break in the linear flow of the code"
    • Code is considered more complex when "flow breaking structures are nested"

    Further reading

    Define a constant instead of duplicating this literal "role_id" 3 times.
    Open

            $channelRole = SlackChannelRole::where('role_id', $role_id)
    Severity: Critical
    Found in src/Http/Controllers/SlackbotJsonController.php by sonar-php

    Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.

    On the other hand, constants can be referenced from many places, but only need to be updated in a single place.

    Noncompliant Code Example

    With the default threshold of 3:

    function run() {
  prepare('action1');                              // Non-Compliant - 'action1' is duplicated 3 times
  execute('action1');
  release('action1');
}

    Compliant Solution

    ACTION_1 = 'action1';

function run() {
  prepare(ACTION_1);
  execute(ACTION_1);
  release(ACTION_1);
}

    Exceptions

    To prevent generating some false-positives, literals having less than 5 characters are excluded.

    Define a constant instead of duplicating this literal "im:read" 3 times.
    Open

                '/conversations.info'    => ['channels:read', 'groups:read', 'im:read', 'mpim:read', 'read'],
    Severity: Critical
    Found in src/Repositories/Slack/Access/CheckAccess.php by sonar-php

    Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.

    On the other hand, constants can be referenced from many places, but only need to be updated in a single place.

    Noncompliant Code Example

    With the default threshold of 3:

    function run() {
  prepare('action1');                              // Non-Compliant - 'action1' is duplicated 3 times
  execute('action1');
  release('action1');
}

    Compliant Solution

    ACTION_1 = 'action1';

function run() {
  prepare(ACTION_1);
  execute(ACTION_1);
  release(ACTION_1);
}

    Exceptions

    To prevent generating some false-positives, literals having less than 5 characters are excluded.

    Define a constant instead of duplicating this literal "channels:write" 3 times.
    Open

                '/conversations.invite'  => ['channels:write', 'groups:write', 'im:write', 'mpim:write', 'post'],
    Severity: Critical
    Found in src/Repositories/Slack/Access/CheckAccess.php by sonar-php

    Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.

    On the other hand, constants can be referenced from many places, but only need to be updated in a single place.

    Noncompliant Code Example

    With the default threshold of 3:

    function run() {
  prepare('action1');                              // Non-Compliant - 'action1' is duplicated 3 times
  execute('action1');
  release('action1');
}

    Compliant Solution

    ACTION_1 = 'action1';

function run() {
  prepare(ACTION_1);
  execute(ACTION_1);
  release(ACTION_1);
}

    Exceptions

    To prevent generating some false-positives, literals having less than 5 characters are excluded.

    Add curly braces around the nested statement(s).
    Open

            if ($this->expires()->lte(
    Severity: Critical
    Found in src/Repositories/Slack/Containers/SlackResponse.php by sonar-php

    While not technically incorrect, the omission of curly braces can be misleading, and may lead to the introduction of errors during maintenance.

    Noncompliant Code Example

    if (condition)  // Noncompliant
  executeSomething();

    Compliant Solution

    if (condition) {
  executeSomething();
}

    See

    • MISRA C:2004, 14.8 - The statement forming the body of a switch, while, do ... while or for statement shall be a compound statement
    • MISRA C:2004, 14.9 - An if (expression) construct shall be followed by a compound statement. The else keyword shall be followed by either a compound statement, or another if statement
    • MISRA C++:2008, 6-3-1 - The statement forming the body of a switch, while, do ... while or for statement shall be a compound statement
    • MISRA C++:2008, 6-4-1 - An if (condition) construct shall be followed by a compound statement. The else keyword shall be followed by either a compound statement, or another if statement
    • MISRA C:2012, 15.6 - The body of an iteration-statement or a selection-statement shall be a compound-statement
    • CERT, EXP19-C. - Use braces for the body of an if, for, or while statement
    • CERT, EXP52-J. - Use braces for the body of an if, for, or while statement

    Refactor this function to reduce its Cognitive Complexity from 17 to the 15 allowed.
    Open

        private function httpRequest(string $method, string $uri, array $headers = [], array $body = []) : SlackResponse
    Severity: Critical
    Found in src/Repositories/Slack/Fetchers/GuzzleFetcher.php by sonar-php

    Cognitive Complexity is a measure of how hard the control flow of a function is to understand. Functions with high Cognitive Complexity will be difficult to maintain.

    See

    Rename "$tags" which has the same name as the field declared at line 38.
    Open

            $tags = ['slackbot'];
    Severity: Major
    Found in src/Jobs/SlackJobBase.php by sonar-php

    Shadowing fields with a local variable is a bad practice that reduces code readability: it makes it confusing to know whether the field or the variable is being used.

    Noncompliant Code Example

    class Foo {
  public $myField;

  public function doSomething() {
    $myField = 0;
    ...
  }
}

    See

    Define a constant instead of duplicating this literal "bouncer:slackbot.security" 4 times.
    Open

                'middleware' => 'bouncer:slackbot.security',
    Severity: Critical
    Found in src/Http/routes.php by sonar-php

    Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.

    On the other hand, constants can be referenced from many places, but only need to be updated in a single place.

    Noncompliant Code Example

    With the default threshold of 3:

    function run() {
  prepare('action1');                              // Non-Compliant - 'action1' is duplicated 3 times
  execute('action1');
  release('action1');
}

    Compliant Solution

    ACTION_1 = 'action1';

function run() {
  prepare(ACTION_1);
  execute(ACTION_1);
  release(ACTION_1);
}

    Exceptions

    To prevent generating some false-positives, literals having less than 5 characters are excluded.

    Define and throw a dedicated exception instead of using a generic one.
    Open

                    throw new Exception($result['error']);
    Severity: Major
    Found in src/Http/Controllers/Services/OAuthController.php by sonar-php

    If you throw a general exception type, such as ErrorException, RuntimeException, or Exception in a library or framework, it forces consumers to catch all exceptions, including unknown exceptions that they do not know how to handle.

    Instead, either throw a subtype that already exists in the Standard PHP Library, or create your own type that derives from Exception.

    Noncompliant Code Example

    throw new Exception();  // Noncompliant

    Compliant Solution

    throw new InvalidArgumentException();
// or
throw new UnexpectedValueException();

    See

    Define a constant instead of duplicating this literal "token" 4 times.
    Open

                'token' => 'required|string',
    Severity: Critical
    Found in src/Http/Controllers/Services/EventController.php by sonar-php

    Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.

    On the other hand, constants can be referenced from many places, but only need to be updated in a single place.

    Noncompliant Code Example

    With the default threshold of 3:

    function run() {
  prepare('action1');                              // Non-Compliant - 'action1' is duplicated 3 times
  execute('action1');
  release('action1');
}

    Compliant Solution

    ACTION_1 = 'action1';

function run() {
  prepare(ACTION_1);
  execute(ACTION_1);
  release(ACTION_1);
}

    Exceptions

    To prevent generating some false-positives, literals having less than 5 characters are excluded.

    Add a "case default" clause to this "switch" statement.
    Open

            switch ($request->input('type')) {
    Severity: Critical
    Found in src/Http/Controllers/Services/EventController.php by sonar-php

    The requirement for a final case default clause is defensive programming. The clause should either take appropriate action, or contain a suitable comment as to why no action is taken. Even when the switch covers all current values of an enum, a default case should still be used because there is no guarantee that the enum won't be extended.

    Noncompliant Code Example

    switch ($param) {  //missing default clause
  case 0:
    do_something();
    break;
  case 1:
    do_something_else();
    break;
}

switch ($param) {
  default: // default clause should be the last one
    error();
    break;
  case 0:
    do_something();
    break;
  case 1:
    do_something_else();
    break;
}

    Compliant Solution

    switch ($param) {
  case 0:
    do_something();
    break;
  case 1:
    do_something_else();
    break;
  default:
    error();
    break;
}

    See

    • MISRA C:2004, 15.0 - The MISRA C switch syntax shall be used.
    • MISRA C:2004, 15.3 - The final clause of a switch statement shall be the default clause
    • MISRA C++:2008, 6-4-3 - A switch statement shall be a well-formed switch statement.
    • MISRA C++:2008, 6-4-6 - The final clause of a switch statement shall be the default-clause
    • MISRA C:2012, 16.1 - All switch statements shall be well-formed
    • MISRA C:2012, 16.4 - Every switch statement shall have a default label
    • MISRA C:2012, 16.5 - A default label shall appear as either the first or the last switch label of a switch statement
    • MITRE, CWE-478 - Missing Default Case in Switch Statement
    • CERT, MSC01-C. - Strive for logical completeness
    • CERT, MSC01-CPP. - Strive for logical completeness

    Remove this unused "$conversationEvents" private field.
    Open

        private $conversationEvents = [
    Severity: Major
    Found in src/Http/Controllers/Services/Traits/ConversationHandler.php by sonar-php

    If a private field is declared but not used in the program, it can be considered dead code and should therefore be removed. This will improve maintainability because developers will not wonder what the variable is used for.

    Noncompliant Code Example

    class MyClass {
  private $foo = 4;                       //foo is unused

  public function compute($a) {
    return $a * 4;
  }
}

    Compliant Solution

    class MyClass {

  public function compute($a) {
    return $a * 4;
  }
}

    See

    Add curly braces around the nested statement(s).
    Open

            if ($channel = SlackChannel::find($channelId))
    Severity: Critical
    Found in src/Http/Controllers/Services/Traits/ConversationHandler.php by sonar-php

    While not technically incorrect, the omission of curly braces can be misleading, and may lead to the introduction of errors during maintenance.

    Noncompliant Code Example

    if (condition)  // Noncompliant
  executeSomething();

    Compliant Solution

    if (condition) {
  executeSomething();
}

    See

    • MISRA C:2004, 14.8 - The statement forming the body of a switch, while, do ... while or for statement shall be a compound statement
    • MISRA C:2004, 14.9 - An if (expression) construct shall be followed by a compound statement. The else keyword shall be followed by either a compound statement, or another if statement
    • MISRA C++:2008, 6-3-1 - The statement forming the body of a switch, while, do ... while or for statement shall be a compound statement
    • MISRA C++:2008, 6-4-1 - An if (condition) construct shall be followed by a compound statement. The else keyword shall be followed by either a compound statement, or another if statement
    • MISRA C:2012, 15.6 - The body of an iteration-statement or a selection-statement shall be a compound-statement
    • CERT, EXP19-C. - Use braces for the body of an if, for, or while statement
    • CERT, EXP52-J. - Use braces for the body of an if, for, or while statement

    Define a constant instead of duplicating this literal "members" 3 times.
    Open

            $response = Cache::tags(['conversations', 'members'])->get($this->getConnector()->buildDataUri('/conversations.members'));
    Severity: Critical
    Found in src/Http/Controllers/Services/Traits/SlackApiConnector.php by sonar-php

    Duplicated string literals make the process of refactoring error-prone, since you must be sure to update all occurrences.

    On the other hand, constants can be referenced from many places, but only need to be updated in a single place.

    Noncompliant Code Example

    With the default threshold of 3:

    function run() {
  prepare('action1');                              // Non-Compliant - 'action1' is duplicated 3 times
  execute('action1');
  release('action1');
}

    Compliant Solution

    ACTION_1 = 'action1';

function run() {
  prepare(ACTION_1);
  execute(ACTION_1);
  release(ACTION_1);
}

    Exceptions

    To prevent generating some false-positives, literals having less than 5 characters are excluded.

    Add curly braces around the nested statement(s).
    Open

            if (property_exists($data, 'errors'))
    Severity: Critical
    Found in src/Repositories/Slack/Containers/SlackResponse.php by sonar-php

    While not technically incorrect, the omission of curly braces can be misleading, and may lead to the introduction of errors during maintenance.

    Noncompliant Code Example

    if (condition)  // Noncompliant
  executeSomething();

    Compliant Solution

    if (condition) {
  executeSomething();
}

    See

    • MISRA C:2004, 14.8 - The statement forming the body of a switch, while, do ... while or for statement shall be a compound statement
    • MISRA C:2004, 14.9 - An if (expression) construct shall be followed by a compound statement. The else keyword shall be followed by either a compound statement, or another if statement
    • MISRA C++:2008, 6-3-1 - The statement forming the body of a switch, while, do ... while or for statement shall be a compound statement
    • MISRA C++:2008, 6-4-1 - An if (condition) construct shall be followed by a compound statement. The else keyword shall be followed by either a compound statement, or another if statement
    • MISRA C:2012, 15.6 - The body of an iteration-statement or a selection-statement shall be a compound-statement
    • CERT, EXP19-C. - Use braces for the body of an if, for, or while statement
    • CERT, EXP52-J. - Use braces for the body of an if, for, or while statement

    Add curly braces around the nested statement(s).
    Open

            if ($this->getAuthentication())
    Severity: Critical
    Found in src/Repositories/Slack/Fetchers/GuzzleFetcher.php by sonar-php

    While not technically incorrect, the omission of curly braces can be misleading, and may lead to the introduction of errors during maintenance.

    Noncompliant Code Example

    if (condition)  // Noncompliant
  executeSomething();

    Compliant Solution

    if (condition) {
  executeSomething();
}

    See

    • MISRA C:2004, 14.8 - The statement forming the body of a switch, while, do ... while or for statement shall be a compound statement
    • MISRA C:2004, 14.9 - An if (expression) construct shall be followed by a compound statement. The else keyword shall be followed by either a compound statement, or another if statement
    • MISRA C++:2008, 6-3-1 - The statement forming the body of a switch, while, do ... while or for statement shall be a compound statement
    • MISRA C++:2008, 6-4-1 - An if (condition) construct shall be followed by a compound statement. The else keyword shall be followed by either a compound statement, or another if statement
    • MISRA C:2012, 15.6 - The body of an iteration-statement or a selection-statement shall be a compound-statement
    • CERT, EXP19-C. - Use braces for the body of an if, for, or while statement
    • CERT, EXP52-J. - Use braces for the body of an if, for, or while statement
    Severity
    Category
    Status
    Source
    Language