search

FloeDesignTechnologies / phpcs-security-audit

phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code
GNU General Public License v3.0
709 stars 86 forks source link

Support for phpcodesniffer-standard type #16

Closed kenorb closed 5 years ago

kenorb commented 6 years ago

Since this package defines a new PHP code sniffer standard, it would be great if can define the package type as phpcodesniffer-standard, so using projects such as Dealerdirect/phpcodesniffer-composer-installer will recognize the coding standards automatically.

See: Developing Coding Standards.

Related: Dealerdirect/phpcodesniffer-composer-installer/issues/47

This can also help with problems as described in #2.

For example, given the following composer.json file:

{
    "require": {
        "dealerdirect/phpcodesniffer-composer-installer": "^0.4.4",
        "drupal/coder":                    "^8@stable",
        "pheromone/phpcs-security-audit":  "1.*@stable"
    }
}

After running composer install, and ./vendor/bin/phpcs -i, I can see the coding standards from drupal/coder package, but not from pheromone/phpcs-security-audit.

szepeviktor commented 5 years ago

This repo has an empty ruleset. See https://cgit.drupalcode.org/coder/tree/coder_sniffer/Drupal/ruleset.xml

jmarcil commented 5 years ago

@kenorb fixed in 236edfccad6c33e66e33d17338b7abe71a30b86b thank you!

@szepeviktor can you please open another issue for that "empty ruleset" if it's causing problems. If you're talking about Drupal 8, it is undone as I felt that first I needed to tackle Symphony and then D8. Currently looking for contributors for that if it's still worth it.