FloeDesignTechnologies / phpcs-security-audit

phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code
GNU General Public License v3.0

Getting fatal error #2

Closed timeisenhuth closed 10 years ago

timeisenhuth commented 10 years ago

When I attempt to run phpcs with the example rulesets, I get the following errors:

Fatal error: Uncaught exception 'PHP_CodeSniffer_Exception' with message 'Referenced sniff Security.BadFunctions.Asserts does not exist' in /Users/tim/dev/bcc_test/vendor/squizlabs/php_codesniffer/CodeSniffer.php on line 876

It seems like it is unable to convert the rules in the ruleset file into paths to the PHP files. Could you possibly provide any info on how this works and/or a way to fix the issue?

jmarcil commented 10 years ago

This happens when the Security/ folder containing ruleset.xml is not within the php_codesniffer CodeSniffer/Standards/ directory. You have to create a symlink to it.

There are two ways of using composer with phpcs-security-audit:

  1. getting from git first, solve dependencies with composer install
  2. do a composer require pheromone/phpcs-security-audit dev-master

The first was working and for the second you need to manually create symlinks or add your own post-install script to your project:

    "scripts": {
        "post-install-cmd": "ln -s ../../../../pheromone/phpcs-security-audit/Security vendor/squizlabs/php_codesniffer/CodeSniffer/Standards/Security"
    }

I tried to fix it in composer.json but:

NOTE: Only scripts defined in the root package's composer.json are executed. If a dependency of the root package specifies its own scripts, Composer does not execute those additional scripts.

jmarcil commented 10 years ago

@timeisenhuth was your problem fixed?

timeisenhuth commented 10 years ago

@jmarcil Sorry for the late reply, yep all good now

kenorb commented 6 years ago

In my build, the issue has been fixed by the following Ant's line which creates a symlink:

<symlink link="${vendordir}/squizlabs/php_codesniffer/CodeSniffer/Standards/Security" resource="${vendordir}/pheromone/phpcs-security-audit/Security" overwrite="true"/>

right before running phpcs tests.

Full target example (see: base.xml):

  <target name="phpcs-security" depends="composer"
          description="Find coding standard violations using PHP_CodeSniffer and print human readable output. Intended for usage on the command line before committing.">
    <symlink link="${vendordir}/squizlabs/php_codesniffer/CodeSniffer/Standards/Security" resource="${vendordir}/pheromone/phpcs-security-audit/Security" overwrite="true"/>
    <exec executable="${buildbin}/phpcs">
      <arg value="-d"/>
      <arg value="memory_limit=256M"/>
      <arg value="--standard=${vendordir}/pheromone/phpcs-security-audit/example_drupal7_ruleset.xml"/>
      <arg value="--extensions=${fileexts}"/>
      <arg path="${drupalmodules}"/>
      <arg path="${drupalthemes}"/>
    </exec>
  </target>

kenorb commented 6 years ago

You can now use symlink.sh script to do the symlinks.

kenorb commented 6 years ago

Another way is to register the standard with PHPCS, e.g.:

phpcs --config-set installed_paths pheromone/phpcs-security-audit/Security

Another method is to install dealerdirect/phpcodesniffer-composer-installer, which finds and registers standards whenever the packages are installed or updated. E.g.

composer require --dev dealerdirect/phpcodesniffer-composer-installer

Then list the standards via phpcs -i.

Feature request: #16


See: pfrenssen/coder.

tweidinger commented 6 years ago

I'm getting

ERROR: Referenced sniff "Security.BadFunctions.Asserts" does not exist

This error occurs even after composer install.

Downloading (100%)
Writing lock file
Generating autoload files
sh symlink.sh
Symlink created.

Then executing phpcs --extensions=php,inc,lib,module,info --standard=$PHPCS_INSTALL_PATH/example_base_ruleset.xml tests.php gives me the same error message.

Any ideas what I missed?

kenorb commented 6 years ago

@tweidinger Re-read this thread. Basically you need to install the pheromone/phpcs-security-audit package and symlink pheromone/phpcs-security-audit/Security to squizlabs/php_codesniffer/CodeSniffer/Standards/Security, or have a look at the symlink.sh file, which aims to do this for you.

ghost commented 5 years ago

ERROR: Referenced sniff "Security.BadFunctions.Asserts" does not exist

This is an open issue with PHP_CodeSniffer v3.4.0. Added Symlinks as directed, no dice. I've tried the symlink.sh script and phpcs --config-set installed_paths ~/code/phpcs-secuity-audit/Security

me@home:~/code/phpcs-security-audit$ phpcs --standard=example_base_ruleset.xml tests.php
ERROR: Referenced sniff "Security.BadFunctions.Asserts" does not exist

Run "phpcs --help" for usage information

me@home:~/code/phpcs-security-audit$ phpcs --version
PHP_CodeSniffer version 3.4.0 (stable) by Squiz (http://www.squiz.net)

kenorb commented 5 years ago

@bencornwell Have you read above, what have you tried so far?

ghost commented 5 years ago

Hey @kenorb, couldn't make the symlink approach work but had success with 'installed_paths':

me@home:~/code/phpcs-security-audit$ phpcs --config-set installed_paths /home/me/code/phpcs-security-audit/Security
Using config file: /home/me/.composer/vendor/squizlabs/php_codesniffer/CodeSniffer.conf

Config value "installed_paths" added successfully
me@home:~/code/phpcs-security-audit$ phpcs -i
The installed coding standards are Zend, MySource, PEAR, PSR2, PSR12, Squiz, PSR1 and Security

Cheers,

Ben

XPanniX commented 5 years ago

I had the same problem as @bencornwell.
I copied the Security/ folder from this repository to /home/me/.composer/vendor/php_codesniffer/CodeSniffer/Standards but unfortunately phpcs in version 3.4.1 didn't show it when running phpcs -i

After running
phpcs --config-set installed_paths /home/me/.composer/vendor/php_codesniffer/CodeSniffer/Standards/Security
the output of phpcs -i displayed Security
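
A diagnostic for the error discussed in this thread, added here as an example; it is not part of the thread or of phpcs-security-audit. It assumes PHP_CodeSniffer's naming convention, where a reference `Standard.Category.Name` must resolve to `Standard/Sniffs/Category/NameSniff.php`, and checks the directories you pass (your Standards directory and any installed_paths entries). The function names and script name are hypothetical.

```shell
#!/bin/sh
# Added example (hypothetical helper names), not code from phpcs-security-audit.

# Security.BadFunctions.Asserts -> Security/Sniffs/BadFunctions/AssertsSniff.php
sniff_rel_path() {
    ref=$1
    case $ref in
        *.*.*.*|.*|*.|*..*) return 2 ;;   # too many or empty parts
        *.*.*) ;;                          # Standard.Category.Name
        *) return 2 ;;
    esac
    rest=${ref#*.}
    printf '%s/Sniffs/%s/%sSniff.php\n' "${ref%%.*}" "${rest%%.*}" "${rest#*.}"
}

# locate_sniff REF DIR...
# DIR is a directory of standards (CodeSniffer/Standards) or, as with the
# installed_paths value used in the thread, the standard directory itself.
locate_sniff() {
    ref=$1; shift
    rel=$(sniff_rel_path "$ref") || return 2
    for dir in "$@"; do
        base=$dir
        if [ -f "$dir/ruleset.xml" ]; then
            # DIR is a standard: it only counts if it is the one referenced.
            [ "$(basename "$dir")" = "${rel%%/*}" ] || continue
            base=$(dirname "$dir")
        fi
        # -e follows symlinks, so a dangling Standards/Security link is a miss.
        if [ -e "$base/$rel" ]; then
            printf '%s\n' "$base/$rel"
            return 0
        fi
    done
    return 1
}

# Usage: sh locate_sniff.sh Security.BadFunctions.Asserts DIR...
if [ "$#" -gt 0 ]; then
    locate_sniff "$@" || { echo "no sniff file for $1 in the given paths" >&2; exit 1; }
fi
```

A relative symlink created from the wrong working directory shows up here as a miss even though `ls` lists the link, which is one way the symlink approach can fail while `installed_paths` works.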