This is coverage of the fourth and final day. Previous days coverage is available here: Day 1, Day 2, and Day 3. There is a fourth day that should be online Monday. Special thanks to Sebastian Bergmann and Cal Evans for their excellent photo coverage of ZendCon 2006.
The first session I attended this morning was Sebastian Bergmann on “Testing PHP Applications with PHPUnit 3” (slides here). After a short “here's why to test” discussion, he immediately jumped into test examples. The most interesting aspect of PHPUnit is that you can implement your tests using any combination of two different strategies. First, you can choose to implement the jUnit style tests where they exist in their own classes with their own mirrored hierarchy similar to your existing structure. This is likely to be the most familiar and comfortable for many developers as all the common asset methods are available. Alternatively, you can implement the testing (see slide 6 for an example). This allows you to keep your tests and code under test physically together in addition to logically together. Sebastian then went into code coverage analysis and related concepts. Although their is an embryonic PHPclipse plugin available, the developer has disappeared and the Zend IDE integration is on the way… we'll see what happens. Although PHPUnit 3 is feature complete and code complete, it isn't officially released as he's still working on documentation, etc.
The final regular session of the conference was “Automated PHP Vulnerability Detection Using Static Analysis” from the gentlemen of Armorize. When I saw the opening slide, I knew we were in trouble… in the footer of every slide it said “Confidential and Proprietary”. I'm sorry, but if your presentation has “Confidential” and/or “Proprietary” information in it, you probably shouldn't give it at an Open Source conference… none of us have signed NDA's and none of us are likely to. Regardless, they laid out the reasons why static analysis can be more cost effective than manual code review and how tracking back potential problems to their root cause as opposed to just catching things at the end of the line.
The closing keynote from Robert Lefkowitz was one of the most thought-provoking of just about any session I attended. But the fundamental difference was that there was no code, no libraries, no tools, just some great concepts. He traced the creationand penetration of reading and writing skills from ancient times through today. Then he laid out the primary types of skills that have been relevant in various types of economies and conjectured on what the next skills might be. Then he made a relatively simple parallel with the “language” of software development and the penetration of the related skills. One of the concepts he pointed at repeatedly was the ability of those with the (coding) skills, they can use the existing infrastructures and information to do more than anyone previously considered. Considering the constant discussion of API's, mashups, etc, this makes more sense than I had considered. Food for thought.
Throughout the morning, I had the final chance to talk and meet with numerous people talking about everything from college choices to new business ideas to dotProject usage at NC State.