Kaboomafoo: The Kaboom Redo

Many years ago, I wrote a joke library called Kaboom. Its purpose was to detect if error reporting was improperly configured in Development environments, and if so, go Kaboom! by throwing an exception.

Yesterday, I was writing some code for Sculpin (an open source static site generator that I contribute to) and I wanted to make sure that a particular bit of code that could contain path traversal vulnerabilities wouldn't be forgotten about when I wandered away to other priorities.

To accomplish that, I added a unix timestamp check of "today plus one day" hard-coded as magic numbers. That way, when I came back to the PR, it would stop working in a very obvious way, letting me know that the issue had not been solved.

Then, I tweeted about it. And some people were intrigued by it. They had concerns, of course, but the response inspired me to rewrite my Kaboom project and release it to Packagist.

Here's a fun idea: Temporal Todos ... pic.twitter.com/4NOpKyenHc
— Kevin Boyd (@Beryllium9) October 10, 2020

Introducing Kaboom v1.0

In Kaboom 1.0, which I released today, you can configure tripwires (either using ->todo() or ->custom() methods), and when these tripwires are tripped, your defined behaviour will occur. By default, this means throwing an exception, but it can be modified to include writing to logs or any custom implementation you want. You could make it send a message by Twilio, notify you in Slack, update an associated Jira ticket - anything you want. (Note: Twilio/slack/jira handlers have not yet been coded. 😂)

To get started, run composer require beryllium/kaboom and then instantiate it in your code like so:

$kaboom = new Beryllium\Kaboom\Kaboom();
$kaboom->todo(
    "Get this done before halloween!",
    "2020-10-20"
);

After October 20th, the above code would start throwing exceptions - so you'd know right away that something was missed.

Oh, but you don't want it to break production? If you instantiate Kaboom like this, then Production will keep working fine:

$kaboom = new Beryllium\Kaboom\Kaboom(
    $env === 'prod'
        ? new Beryllium\Kaboom\Handlers\NullHandler()
        : new Beryllium\Kaboom\Handlers\ExceptionHandler()
);

Production environments would receive a Null handler, which is a no-op when the tripwire is tripped.

The readme has a few more example invocations, as well as information about using the ->custom() method to build tripwires based on anonymous functions:

$env = 'dev';
$kaboom = new Kaboom(new LoggingHandler($logger));
$kaboom->custom(
    "Error reporting is not set correctly!",
    fn() => strtolower($env) === 'dev' && error_reporting() !== -1
);

The LoggingHandler accepts any PSR-3 compatible LoggerInterface in its constructor.

Setting up your configuration in a dependency injection container allows you to get as complex as you'd like. The included GroupHandler lets you stack up a bunch of handlers and all of them get pinged in sequence. Go ahead and roll your own handlers - if you come up with a gooder, please contribute it back.

Enjoy! Many Happy Kabooms!

Published: October 10, 2020

Categories: coding

Tags: dev, development, coding, php, projects, fun

whateverthing.com
☰

A Blog

by Kevin Boyd