Skip to content

Insights Code scanning report #3

New issue
New issue
Open
Open
Insights Code scanning report#3
@RenierLewis

Description

@RenierLewis
RenierLewis
opened on Apr 16, 2018

Hi

Thank you for your great work with this bundle and your contribution to the open source community.

I have put the bundle through Sensiolabs Insights code scanning and just wanted to share the findings with you.

The scanning found 11 Major, 20 Minor, 36 Info issues/recommendations.

They are:
PHP configuration should not be changed dynamically
MajorBugrisk
in Service/Adapter/AmazonS3.php, line 208
ini_set('zlib.output_compression', 'Off');
Changing PHP configuration dynamically through ini_set() may create hard to debug errors.

See https://insight.sensiolabs.com/what-we-analyse/php.dynamically_change_configuration

exit() and die() functions should be avoided
MajorBugrisk
in Service/Adapter/AmazonS3.php, line 260

See https://insight.sensiolabs.com/what-we-analyse/php.use_exit_function

PHP response functions should not be used 6
MajorBugrisk
in Service/Adapter/AmazonS3.php, line 230

header('Cache-Control: public, max-age=0');
Using PHP response functions (like header() here) is discouraged, as it bypasses the Symfony event system. Use the HttpFoundationResponse class instead.

in Service/Adapter/AmazonS3.php, line 231
in Service/Adapter/AmazonS3.php, line 232
in Service/Adapter/AmazonS3.php, line 233
in Service/Adapter/AmazonS3.php, line 234
in Service/Adapter/AmazonS3.php, line 236

See https://insight.sensiolabs.com/what-we-analyse/symfony.use_php_response_function

Absolute path constants DIR and FILE should not be used 3
MajorBugrisk
in Test/AbstractAdapterTest.php, line 34
if (!is_dir(dirname(FILE).'/../Tests/tmp')) {
DIR and FILE constants may conflict with the Symfony resource overriding system

in Test/AbstractAdapterTest.php, line 35
in Test/AbstractAdapterTest.php, line 39

See https://insight.sensiolabs.com/what-we-analyse/symfony.dependency_injection.use_dir_file_constant

Attached is a more detailed report.
KitpagesFileSystemBundle - SensioLabsInsight.pdf

If possible for you to fix these issues/comments/recommendations with a future commit, it will be appreciated.

Kind Regards
Renier Lewis

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions