Ghostboard pixel Skip to content

Slack Open Sources 'Hakana' to Help Developers With Hack Language

Slack open sources its internal tool Hakana to help other developers and companies using Hack language.

Slack, the popular team communication and collaboration platform, has recently open-sourced its 'Hakana' type checker, a tool they created for internal use.

This move comes at a time when a good deal of proprietary software is being open-sourced.

Related Read 📖

DreamWorks’ Renderer Used for ‘Puss in Boots’ is Going Open-Source Very Soon
DreamWork animation company is making its in-house renderer open-source very soon!

What is it?: Hakana is a static analysis tool for the Hack programming language that uses Psalm as a base and is written in Rust.

In simpler terms, it is a tool that provides type checking for Hack by running several analytical methods.

Currently, Slack is using it to detect issues in their Hack code; they migrated from PHP to Hack in 2016 citing various inconsistencies with it.

Some of Hakana's abilities include:

  • Prevents unused functions and private methods.
  • Prevents unused assignments inside closures.
  • Ability to detect impossible and redundant type-checks.
  • Can warn about potential SQL injection attacks and cross-site scripting vulnerabilities.
  • Prevents misuse of internal Slack APIs (via Plugin hooks).

Slack mentions more of its use cases as:

We also use Hakana to automate type-aware API migrations (again via plugin hooks) and to delete unused functions in bulk. Thanks to Rust, those whole-codebase migrations are relatively quick.

Furthermore, Hakana investigates how data moves between functions in a codebase and tries to verify whether any attacker-controlled data shows up in places it shouldn't.

It also has a web version that can be accessed via web browsers using WASM, thanks to it being written in Rust.

Slack lists a couple of reasons why they decided to open-source Hakana:

  • The broader programming language community may be able to help, especially in the case of security analysis.
  • This serves to repay the favor to Psalm, the tool on which Hakana is based.
  • They expect companies with massive PHP codebases to benefit from Hakana by forking and altering it to suit their needs.
Only a few companies use Hack language because of its 'high switching costs', meaning if a company decides to migrate to Hack from PHP, a lot of their server infrastructure will need a change too.

I suggest you go through the announcement blog if you are interested to learn more about the technical bits of Hakana.

Suggested Read 📖

Ditch Slack With These Open Source Team Chat Tools
Here, we shall take a look at the best open source slack alternatives that you can choose to communicate with your team at work.

More from It's FOSS...