PHPUnit is a unit testing framework for the PHP programming language. It is an instance of the xUnit architecture for unit testing frameworks that originated with SUnit and became popular with JUnit. PHPUnit was created by Sebastian Bergmann and its development is hosted on GitHub.
Developer(s) | Sebastian Bergmann |
---|---|
Initial release | 27 November 2001[1] |
Stable release | 10
/ 3 February 2023[2] |
Repository | |
Written in | PHP |
Operating system | Cross-platform |
Type | Unit testing framework |
License | BSD 3 Clause |
Website | phpunit |
Purpose
editPHPUnit is based on the idea that developers should be able to find mistakes in their newly committed code quickly and assert that no code regression has occurred in other parts of the code base. Much like other unit testing frameworks, PHPUnit uses assertions to verify that the behavior of the specific component - or "unit" - being tested behaves as expected.[3]
Benefits
editThe goal of unit testing is to isolate each part of the program and show that the individual parts are correct. A unit test provides a strict, written contract that the piece of code must satisfy. As a result, unit tests find problems early in the development cycle.
PHPUnit can output test results in a number of different formats, including JUnit XML and TestDox.
Vulnerabilities
editA vulnerability that allowed attackers to execute remote code via PHPUnit was discovered in late 2017. By sending a payload of PHP code to a file that is part of PHPUnit, an attacker could execute PHP code on the webserver.[4]
References
edit- ^ "PHP: Revision 63330". svn.php.net.
- ^ "Releases · sebastianbergmann/phpunit". GitHub.
- ^ Assertion (computing)
- ^ Bergmann, Sebastian. "PHPUnit: A Security Risk?". The PHP Consulting Company. Retrieved 20 October 2020.