NAME

perlcritic - Command-line interface to critique Perl source

SYNOPSIS

perlcritic [ -12345 | -severity number ] [ -noprofile | -profile file ]
           [ -top [ number ]] [ -include pattern ] [ -exclude pattern ]
           [ -verbose number | format ] [ -force ] [ -Version ]
           [ -list ] [ -help ] [ -man ]   [ FILE | DIRECTORY ]

DESCRIPTION

perlcritic is a Perl source code analyzer. It is the executable front-end to the Perl::Critic engine, which attempts to identify awkward, hard to read, error-prone, or unconventional constructs in your code. Most of the rules are based on Damian Conway's book Perl Best Practices, but they can easily be configured or disabled to your liking.

If you want to integrate perlcritic with your build process, the Test::Perl::Critic module provides a nice interface that is suitable for test scripts. For ultimate convenience (at the expense of some flexibility) see the criticism pragma.

Win32 and ActivePerl users can find PPM distributions of Perl::Critic at http://theoryx5.uwinnipeg.ca/ppms/.

USAGE EXAMPLES

Before getting into all the gory details, here are some basic usage examples to help get you started.

#Report only most severe violations (severity = 5)
perlcritic YourModule.pm

#Same as above, but read input from STDIN
perlcritic

#Recursively process all Perl files beneath directory
perlcritic /some/directory

#Report slightly less severe violations too (severity >= 4)
perlcritic -4 YourModule.pm

#Report all violations, regardless of severity (severity >= 1)
perlcritic -1 YourModule.pm

#Report top 20 most severe violations (severity >= 1)
perlcritic -top YourModule.pm

#Report top 20 violations with severity >= 3
perlcritic -3 -top YourModule.pm

#Report additional violations of Policies that match m/variables/ix
perlcritic -include variables YourModule.pm

ARGUMENTS

The arguments are paths to the files you wish to analyze. You may specify multiple files. If an argument is a directory, perlcritic will analyze all Perl files below the directory. If no arguments are specified, then input is read from STDIN.

OPTIONS

Option names can be abbreviated to uniqueness and can be stated with singe or double dashes, and option values can be separated from the option name by a space or '=' (as with Getopt::Long). Option names are also case-sensitive.

-profile FILE

Directs perlcritic to use a profile named by FILE rather than looking for the default .perlcriticrc file in the current directory or your home directory. See "CONFIGURATION" for more information.

-noprofile

Directs perlcritic not to load any configuration file, thus reverting to the default configuration for all Policies.

-severity N

Directs perlcritic to only report violations of Policies with a severity greater than N. Severity values are integers ranging from 1 (least severe) to 5 (most severe). The default is 5. For a given -profile, decreasing the -severity will usually produce more violations. Users can redefine the severity for any Policy in their .perlcriticrc file. See "CONFIGURATION" for more information.

-5 | -4 | -3 | -2 | -1

These are shortcuts for setting the -severity option. For example "-4" is equivalent to "-severity 4". Using one of these shortcuts causes an explicit -severity option to be silently ignored if it is given. If multiple shortcuts are specified, then the lowest one wins. NOTE: Be careful not to put one of the severity shortcut options immediately after the -top flag or perlcritic will interpret it as the number of violations to report.

-top [ N ]

Directs perlcritic to report only the top N Policy violations in each file, ranked by their severity. If N is not specified, it defaults to 20. If the -severity option (or one of the shortcuts) is not explicitly given, the -top option implies that the minimum severity level is 1. Users can redefine the severity for any Policy in their .perlcriticrc file. See "CONFIGURATION" for more information. NOTE: Be careful not to put one of the severity shortcut options immediately after the -top flag or perlcritic will interpret it as the number of violations to report.

-include PATTERN

Directs perlcritic to report additional violations of all Policy modules that match the regex /PATTERN/imx. Use this option to temporarily override your profile and/or the severity settings at the command-line. For example:

perlcritic --include=layout my_file.pl

This would cause perlcritic to report violations of all the CodeLayout::* policies even if they have a severity level that is less than the default level of 5, or have been disabled in your .perlcriticrc file. You can specify multiple -include options and you can use it in conjunction with the -exclude option. Note that -exclude takes precedence over -include when a Policy matches both patterns.

-exclude PATTERN

Directs perlcritic to not report violations of any Policy modules that match the regex /PATTERN/imx. Use this option to temporarily override your profile and/or the severity settings at the command-line. For example:

perlcritic --exclude=strict my_file.pl

This would cause perlcritic to not report violations of the RequireUseStrict and ProhibitNoStrict policies even though they have a severity level that is greater than 1. You can specify multiple -exclude options and you can use it in conjunction with the -include option. Note that -exclude takes precedence over -include when a Policy matches both patterns.

-force

Directs perlcritic to ignore the magical ## no critic pseudo-pragmas in the source code. See "BENDING THE RULES" for more information.

-verbose N | FORMAT

Sets the verbosity level or format for reporting violations. If given a number (N), perlcritic reports violations using one of the predefined formats described below. If given a string (FORMAT), it is interpreted to be an actual format specification. If the -verbose option is not specified, it defaults to either 2 or 3, depending on whether multiple files were given as arguments to perlcritic.

Verbosity     Format Specification
-----------   --------------------------------------------------------------------
1             "%f:%l:%c:%m\n"
2             "%m at line %l, column %c.  %e. (Severity: %s)\n"
3             "%f: %m at line %l, column %c.  %e. (Severity: %s)\n"
4             "%m near '%r'. (Severity: %s)\n"
5             "%f: %m near '%r'. (Severity: %s)\n"
6             "%m at line %l, column %c near '%r'.  %e. (Severity: %s)\n"
7             "%f: %m at line %l, column %c near '%r'.  %e. (Severity: %s)\n"
8             "[%p] %m at line %l, column %c near '%r'.  %e. (Severity: %s)\n"
9             "[%p] %m at line %l, column %c near '%r'.  %e. (Severity: %s)\n%d\n"

Formats are a combination of literal and escape characters similar to the way sprintf works. See String::Format for a full explanation of the formatting capabilities. Valid escape characters are:

Escape    Meaning
-------   ------------------------------------------------------------------------
%m        Brief description of the violation
%f        Name of the file where the violation occurred.
%l        Line number where the violation occurred
%c        Column number where the violation occurred
%e        Explanation of violation or page numbers in PBP
%d        Full diagnostic discussion of the violation
%r        The string of source code that caused the violation
%p        Name of the Policy module that created the violation
%s        The severity level of the violation

The purpose of these formats is to provide some compatibility with editors that have an interface for parsing certain kinds of input. See "EDITOR INTEGRATION" for more information about that.

-list

Displays a listing of all the Perl::Critic::Policy modules that are found on this machine. For each Policy, the default severity and user-defined severity is also shown. If the user has not overridden the severity for a particular Policy in their .perlcriticrc file, then the user-defined severity will be the same as the default severity. This can be useful for discovering the Policy modules that you have available and tuning the severity levels in your .perlcriticrc file.

-Safari

Report "Perl Best Practice" citations as section numbers from http://safari.oreilly.com instead of page numbers from the actual book. NOTE: This feature is not implemented yet.

-help

-?

Displays a brief summary of options and exits.

-man

Displays the complete perlcritic manual and exits.

-Version

-V

Displays the version number of perlcritic and exits.

CONFIGURATION

The default configuration file is called .perlcriticrc. Perl::Critic::Config will look for this file in the current directory first, and then in your home directory. Alternatively, you can set the PERLCRITIC environment variable to explicitly point to a different file in another location. If none of these files exist, and the -profile option is not given on the command line, then all Policies will be loaded with their default configuration.

The format of the configuration file is an series of INI-style sections that contain key-value pairs separated by '='. Comments should start with '#' and can be placed on a separate line or after the name-value pairs if you desire. The general recipe is a series of blocks like this:

[Perl::Critic::Policy::Category::PolicyName]
severity = 1
arg1 = value1
arg2 = value2

Perl::Critic::Policy::Category::PolicyName is the full name of a module that implements the policy. The Policy modules distributed with Perl::Critic have been grouped into categories according to the table of contents in Damian Conway's book Perl Best Practices. For brevity, you can omit the 'Perl::Critic::Policy' part of the module name.

severity is the level of importance you wish to assign to the Policy. All Policy modules are defined with a default severity value ranging from 1 (least severe) to 5 (most severe). However, you may disagree with the default severity and choose to give it a higher or lower severity, based on your own coding philosophy.

The remaining key-value pairs are configuration parameters that will be passed into the constructor of that Policy. The constructors for most Policy modules do not support arguments, and those that do should have reasonable defaults. See the documentation on the appropriate Policy module for more details.

Instead of redefining the severity for a given Policy, you can completely disable a Policy by prepending a '-' to the name of the module in your configuration file. In this manner, the Policy will never be loaded, regardless of the -severity given on the command line.

A simple configuration might look like this:

#--------------------------------------------------------------
# I think these are really important, so always load them

[TestingAndDebugging::RequireUseStrict]
severity = 5

[TestingAndDebugging::RequireUseWarnings]
severity = 5

#--------------------------------------------------------------
# I think these are less important, so only load when asked

[Variables::ProhibitPackageVars]
severity = 2

[ControlStructures::ProhibitPostfixControls]
allow = if unless  #My custom configuration
severity = 2

#--------------------------------------------------------------
# I do not agree with these at all, so never load them

[-NamingConventions::ProhibitMixedCaseVars]
[-NamingConventions::ProhibitMixedCaseSubs]

#--------------------------------------------------------------
# For all other Policies, I accept the default severity,
# so no additional configuration is required for them.

A few sample configuration files are included in this distribution under the t/samples directory. The perlcriticrc.none file demonstrates how to disable Policy modules. The perlcriticrc.levels file demonstrates how to redefine the severity level for any given Policy module. The perlcriticrc.pbp file configures Perl::Critic to load only Policies described in Damian Conway's book "Perl Best Practices."

THE POLICIES

The following Policy modules are distributed with Perl::Critic. The Policy modules have been categorized according to the table of contents in Damian Conway's book Perl Best Practices. Since most coding standards take the form "do this..." or "don't do that...", I have adopted the convention of naming each module RequireSomething or ProhibitSomething. Each Policy is listed here with it's default severity. If you don't agree with the default severity, you can change it in your .perlcriticrc file. See the documentation of each module for it's specific details.

Perl::Critic::Policy::BuiltinFunctions::ProhibitLvalueSubstr

Use 4-argument substr instead of writing substr($foo, 2, 6) = $bar [Severity 3]

Perl::Critic::Policy::BuiltinFunctions::ProhibitSleepViaSelect

Use Time::HiRes instead of something like select(undef, undef, undef, .05) [Severity 5]

Perl::Critic::Policy::BuiltinFunctions::ProhibitStringyEval

Write eval { my $foo; bar($foo) } instead of eval "my $foo; bar($foo);" [Severity 5]

Perl::Critic::Policy::BuiltinFunctions::RequireBlockGrep

Write grep { $_ =~ /$pattern/ } @list instead of grep /$pattern/, @list [Severity 4]

Perl::Critic::Policy::BuiltinFunctions::RequireBlockMap

Write map { $_ =~ /$pattern/ } @list instead of map /$pattern/, @list [Severity 4]

Perl::Critic::Policy::BuiltinFunctions::RequireGlobFunction

Use glob q{*} instead of <*> [Severity 5]

Perl::Critic::Policy::ClassHierarchies::ProhibitExplicitISA

Employ use base instead of @ISA [Severity 3]

Perl::Critic::Policy::ClassHierarchies::ProhibitOneArgBless

Write bless {}, $class; instead of just bless {}; [Severity 5]

Perl::Critic::Policy::CodeLayout::ProhibitHardTabs

Use spaces instead of tabs. [Severity 3]

Perl::Critic::Policy::CodeLayout::ProhibitParensWithBuiltins

Write open $handle, $path instead of open($handle, $path) [Severity 1]

Perl::Critic::Policy::CodeLayout::ProhibitQuotedWordLists

Write qw(foo bar baz) instead of ('foo', 'bar', 'baz') [Severity 2]

Perl::Critic::Policy::CodeLayout::RequireTidyCode

Must run code through perltidy. [Severity 1]

Perl::Critic::Policy::CodeLayout::RequireTrailingCommas

Put a comma at the end of every multi-line list declaration, including the last one. [Severity 1]

Perl::Critic::Policy::ControlStructures::ProhibitCascadingIfElse

Don't write long "if-elsif-elsif-elsif-elsif...else" chains. [Severity 3]

Perl::Critic::Policy::ControlStructures::ProhibitCStyleForLoops

Write for(0..20) instead of for($i=0; $i<=20; $i++) [Severity 2]

Perl::Critic::Policy::ControlStructures::ProhibitPostfixControls

Write if($condition){ do_something() } instead of do_something() if $condition [Severity 2]

Perl::Critic::Policy::ControlStructures::ProhibitUnlessBlocks

Write if(! $condition) instead of unless($condition) [Severity 2]

Perl::Critic::Policy::ControlStructures::ProhibitUntilBlocks

Write while(! $condition) instead of until($condition) [Severity 2]

Perl::Critic::Policy::Documentation::RequirePodAtEnd

All POD should be after __END__ [Severity 1]

Perl::Critic::Policy::InputOutput::ProhibitBacktickOperators

Discourage stuff like @files = `ls $directory` [Severity 3]

Perl::Critic::Policy::InputOutput::ProhibitBarewordFileHandles

Write open my $fh, q{<}, $filename; instead of open FH, q{<}, $filename; [Severity 5]

Perl::Critic::Policy::InputOutput::ProhibitOneArgSelect

Never write select($fh) [Severity 4]

Perl::Critic::Policy::InputOutput::ProhibitReadlineInForLoop

Write <while( $line = < ){...}>> instead of <for(<){...}>> [Severity 4]

Perl::Critic::Policy::InputOutput::ProhibitTwoArgOpen

Write open $fh, q{<}, $filename; instead of open $fh, "<$filename"; [Severity 5]

Perl::Critic::Policy::Miscellanea::ProhibitFormats

Do not use format. [Severity 3]

Perl::Critic::Policy::Miscellanea::ProhibitTies

Do not use tie. [Severity 2]

Perl::Critic::Policy::Miscellanea::RequireRcsKeywords

Put source-control keywords in every file. [Severity 2]

Perl::Critic::Policy::Modules::ProhibitMultiplePackages

Put packages (especially subclasses) in separate files. [Severity 4]

Perl::Critic::Policy::Modules::RequireBarewordIncludes

Write require Module instead of require 'Module.pm' [Severity 5]

Perl::Critic::Policy::Modules::ProhibitEvilModules

Ban modules that aren't blessed by your shop. [Severity 5]

Perl::Critic::Policy::Modules::RequireExplicitPackage

Always make the package explicit. [Severity 4]

Perl::Critic::Policy::Modules::RequireVersionVar

Give every module a $VERSION number. [Severity 2]

Perl::Critic::Policy::Modules::RequireEndWithOne

End each module with an explicitly 1; instead of some funky expression. [Severity 4]

Perl::Critic::Policy::NamingConventions::ProhibitAmbiguousNames

Don't use vague variable or subroutine names like 'last' or 'record'. [Severity 3]

Perl::Critic::Policy::NamingConventions::ProhibitMixedCaseSubs

Write sub my_function{} instead of sub MyFunction{} [Severity 1]

Perl::Critic::Policy::NamingConventions::ProhibitMixedCaseVars

Write $my_variable = 42 instead of $MyVariable = 42 [Severity 1]

Perl::Critic::Policy::References::ProhibitDoubleSigils

Write @{ $array_ref } instead of @$array_ref [Severity 2]

Perl::Critic::Policy::RegularExpressions::RequireLineBoundaryMatching

Always use the /m modifier with regular expressions. [Severity 3]

Perl::Critic::Policy::RegularExpressions::RequireExtendedFormatting

Always use the /x modifier with regular expressions. [Severity 2]

Perl::Critic::Policy::Subroutines::ProhibitAmpersandSigils

Don't call functions with a leading ampersand sigil. [Severity 2]

Perl::Critic::Policy::Subroutines::ProhibitBuiltinHomonyms

Don't declare your own open function. [Severity 4]

Perl::Critic::Policy::Subroutines::ProhibitExcessComplexity

Minimize complexity by factoring code into smaller subroutines. [Severity 3]

Perl::Critic::Policy::Subroutines::ProhibitExplicitReturnUndef

Return failure with bare return instead of return undef [Severity 5]

Perl::Critic::Policy::Subroutines::ProhibitSubroutinePrototypes

Don't write sub my_function (@@) {} [Severity 5]

Perl::Critic::Policy::Subroutines::ProtectPrivateSubs

Prevent access to private subs in other packages [Severity 3]

Perl::Critic::Policy::Subroutines::RequireFinalReturn

End every path through a subroutine with an explicit return statement. [Severity 4]

Perl::Critic::Policy::TestingAndDebugging::ProhibitNoStrict

Prohibit various flavors of no strict [Severity 5]

Perl::Critic::Policy::TestingAndDebugging::ProhibitNoWarnings

Prohibit various flavors of no warnings [Severity 4]

Perl::Critic::Policy::TestingAndDebugging::RequireUseStrict

Always use strict [Severity 5]

Perl::Critic::Policy::TestingAndDebugging::RequireUseWarnings

Always use warnings [Severity 4]

Perl::Critic::Policy::ValuesAndExpressions::ProhibitConstantPragma

Don't use constant $FOO = 15 > [Severity 4]

Perl::Critic::Policy::ValuesAndExpressions::ProhibitEmptyQuotes

Write q{} instead of '' [Severity 2]

Perl::Critic::Policy::ValuesAndExpressions::ProhibitInterpolationOfLiterals

Always use single quotes for literal strings. [Severity 1]

Perl::Critic::Policy::ValuesAndExpressions::ProhibitLeadingZeros

Write oct(755) instead of 0755 [Severity 5]

Perl::Critic::Policy::ValuesAndExpressions::ProhibitNoisyQuotes

Use q{} or qq{} instead of quotes for awkward-looking strings. [Severity 2]

Perl::Critic::Policy::ValuesAndExpressions::RequireInterpolationOfMetachars

Warns that you might have used single quotes when you really wanted double-quotes. [Severity 1]

Perl::Critic::Policy::ValuesAndExpressions::RequireNumberSeparators

Write 141_234_397.0145 instead of 141234397.0145 [Severity 2]

Perl::Critic::Policy::ValuesAndExpressions::RequireQuotedHeredocTerminator

Write print <<'THE_END' or print <<"THE_END" [Severity 3]

Perl::Critic::Policy::ValuesAndExpressions::RequireUpperCaseHeredocTerminator

Write <<'THE_END'; instead of <<'theEnd'; [Severity 1]

Perl::Critic::Policy::Variables::ProhibitConditionalDeclarations

Do not write my $foo = $bar if $baz; [Severity 5]

Perl::Critic::Policy::Variables::ProhibitLocalVars

Use my instead of local, except when you have to. [Severity 2]

Perl::Critic::Policy::Variables::ProhibitMatchVars

Avoid $`, $&, $' and their English equivalents. [Severity 4]

Perl::Critic::Policy::Variables::ProhibitPackageVars

Eliminate globals declared with our or use vars [Severity 3]

Perl::Critic::Policy::Variables::ProhibitPunctuationVars

Write $EVAL_ERROR instead of $@ [Severity 2]

Perl::Critic::Policy::Variables::ProtectPrivateVars

Prevent access to private vars in other packages [Severity 3]

BENDING THE RULES

Perl::Critic takes a hard-line approach to your code: either you comply or you don't. In the real world, it is not always practical (or even possible) to fully comply with coding standards. In such cases, it is wise to show that you are knowingly violating the standards and that you have a Damn Good Reason (DGR) for doing so.

To help with those situations, you can direct Perl::Critic to ignore certain lines or blocks of code by using pseudo-pragmas:

require 'LegacyLibaray1.pl';  ## no critic
require 'LegacyLibrary2.pl';  ## no critic

for my $element (@list) {

    ## no critic

    $foo = "";               #Violates 'ProhibitEmptyQuotes'
    $barf = bar() if $foo;   #Violates 'ProhibitPostfixControls'
    #Some more evil code...

    ## use critic

    #Some good code...
    do_something($_);
}

The "## no critic" comments direct Perl::Critic to ignore the remaining lines of code until the end of the current block, or until a "## use critic" comment is found (whichever comes first). If the "## no critic" comment is on the same line as a code statement, then only that line of code is overlooked. To direct perlcritic to ignore the "## no critic" comments, use the -force option.

Use this feature wisely. "## no critic" should be used in the smallest possible scope, or only on individual lines of code. If Perl::Critic complains about your code, try and find a compliant solution before resorting to this feature.

EDITOR INTEGRATION

For ease-of-use, perlcritic can be integrated with your favorite text editor. The output-formatting capabilities of perlcritic are specifically intended for use with the "grep" or "compile" modes available in editors like emacs and vim. In these modes, you can run an arbitrary command and the editor will parse the output into an interactive buffer that you can click on and jump to the relevant line of code.

EMACS

Entering 'Meta-x compile' causes emacs to switch to compile-mode. Next, enter the following command in the minibuffer:

perlcritic -verbose 1 path/to/your/file

When the results are displayed, pressing [Enter] on any of the Violation messages will move the pointer to the relevant location within the file. Type 'Ctrl-h a compile' for information about compile-mode.

VIM

Configure the grep format as follows:

set grepformat=%f:%l:%c:m
set grepprg=perlcritic\ -verbose\ 1\ %

Then, you can run perlcritic on the current buffer with:

:grep

Navigation and display instructions can be found under :help grep. Someone with stronger Vim-fu may wish to convert this to a real macro.

gVIM

Fritz Mehner recently added support for perlcritic to his fantastic gVIM plugin. In addition to providing a very Perlish IDE, Fritz's plugin enables one-click access to perlcritic and many other very useful utilities. And all is seamlessly integrated into the editor. See http://lug.fh-swf.de/vim/vim-perl/screenshots-en.html for complete details.

EXIT STATUS

If perlcritic has any errors itself, exits with status == 1. If there are no errors, but perlcritic finds Policy violations in your source code, exits with status == 2. If there were no errors and no violations were found, exits with status == 0.

EXTENDING THE CRITIC

The modular design of Perl::Critic is intended to facilitate the addition of new Policies. You'll need to have some understanding of PPI, but most Policy modules are pretty straightforward and only require about 20 lines of code. Please see the Perl::Critic::DEVELOPER file included in this distribution for a step-by-step demonstration of how to create new Policy modules.

If you develop any new Policy modules, feel free to send them to <thaljef@cpan.org> and I'll be happy to put them into the Perl::Critic distribution. Or if you'd like to work on the Perl::Critic project directly, check out our repository at http://perlcritic.tigris.org. To subscribe to our mailing list, send a message to dev-subscribe@perlcritic.tigris.org.

BUGS

Scrutinizing Perl code is hard for humans, let alone machines. If you find any bugs, particularly false-positives or false-negatives from a Perl::Critic::Policy, please submit them to http://rt.cpan.org/NoAuth/Bugs.html?Dist=Perl-Critic. Thanks.

CREDITS

Adam Kennedy - For creating PPI, the heart and soul of Perl::Critic.

Damian Conway - For writing Perl Best Practices.

Giuseppe Maxia - For all the great ideas and enhancements.

Chris Dolan - For numerous bug reports and suggestions.

Sharon, my wife - For putting up with my all-night code sessions.

AUTHOR

Jeffrey Ryan Thalhammer <thaljef@cpan.org>

COPYRIGHT

This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself. The full text of this license can be found in the LICENSE file included with this module.

To install Perl::Critic, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Perl::Critic

CPAN shell

perl -MCPAN -e shell
install Perl::Critic

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)