Closed timeisenhuth closed 10 years ago
This happen when the Security/ folder containing ruleset.xml is not within php_codesniffer CodeSniffer/Standards/ directory. You have to create a symlink to it.
There's two ways of using composer with phpcs-security-audit:
composer install
composer require pheromone/phpcs-security-audit dev-master
The first was working and for the second you need to manually create symlinks or add your own post-install script to your project: "scripts": {
"post-install-cmd": "ln -s ../../../../pheromone/phpcs-security-audit/Security vendor/squizlabs/php_codesniffer/CodeSniffer/Standards/Security"
}
I tried to fix it in composer.json but:
NOTE: Only scripts defined in the root package's composer.json are executed. If a dependency of the root package specifies its own scripts, Composer does not execute those additional scripts.
@timeisenhuth was your problem fixed?
@jmarcil Sorry for the late reply, yep all good now
In my build, the issue has been fixed by the following Ant's line which creates a symlink:
<symlink link="${vendordir}/squizlabs/php_codesniffer/CodeSniffer/Standards/Security" resource="${vendordir}/pheromone/phpcs-security-audit/Security" overwrite="true"/>
right before running phpcs
tests.
Full target example (see: base.xml
):
<target name="phpcs-security" depends="composer"
description="Find coding standard violations using PHP_CodeSniffer and print human readable output. Intended for usage on the command line before committing.">
<symlink link="${vendordir}/squizlabs/php_codesniffer/CodeSniffer/Standards/Security" resource="${vendordir}/pheromone/phpcs-security-audit/Security" overwrite="true"/>
<exec executable="${buildbin}/phpcs">
<arg value="-d"/>
<arg value="memory_limit=256M"/>
<arg value="--standard=${vendordir}/pheromone/phpcs-security-audit/example_drupal7_ruleset.xml"/>
<arg value="--extensions={fileexts}"/>
<arg path="${drupalmodules}"/>
<arg path="${drupalthemes}"/>
</exec>
</target>
You can now use symlink.sh
script to do the symlinks.
Another way is to register standard with PHPCS, e.g.:
phpcs --config-set installed_paths pheromone/phpcs-security-audit/Security
Another method is to install dealerdirect/phpcodesniffer-composer-installer
which find and register standards whenever the packages are installed or updated. E.g.
composer require --dev dealerdirect/phpcodesniffer-composer-installer
Then list the standards via phpcs -i
.
Feature request: #16
See: pfrenssen/coder
.
I'm getting
ERROR: Referenced sniff "Security.BadFunctions.Asserts" does not exist
This error occures even after composer install.
- git clone https://github.com/FloeDesignTechnologies/phpcs-security-audit.git $PHPCS_INSTALL_PATH
- cd $PHPCS_INSTALL_PATH
- ls -a
- composer install
Downloading (100%) Writing lock file Generating autoload files sh symlink.sh Symlink created.
Then executing
phpcs --extensions=php,inc,lib,module,info --standard=$PHPCS_INSTALL_PATH/example_base_ruleset.xml tests.php
gives me the same error message.
Any ideas what i missed?
@tweidinger Re-read this thread. Basically you need to install pheromone/phpcs-security-audit
package and symlink pheromone/phpcs-security-audit/Security
to squizlabs/php_codesniffer/CodeSniffer/Standards/Security
or have a look symlink.sh
file which aiming to do this for you.
ERROR: Referenced sniff "Security.BadFunctions.Asserts" does not exist This is an open issue with PHP_CodeSniffer v3.4.0. Added Symlinks as directed, no dice. I've tried the symlink.sh script and phpcs --config-set installed_paths ~/code/phpcs-secuity-audit/Security
me@home:~/code/phpcs-security-audit$ phpcs --standard=example_base_ruleset.xml tests.php ERROR: Referenced sniff "Security.BadFunctions.Asserts" does not exist
Run "phpcs --help" for usage information
me@home:~/code/phpcs-security-audit$ phpcs --version PHP_CodeSniffer version 3.4.0 (stable) by Squiz (http://www.squiz.net)
@bencornwell Have you read above, what have you tried so far?
Hey @kenorb, couldn't make the symlink approach work but had success with 'installed_paths': me@home:~/code/phpcs-security-audit$ phpcs --config-set installed_paths /home/me/code/phpcs-security-audit/Security Using config file: /home/me/.composer/vendor/squizlabs/php_codesniffer/CodeSniffer.conf
Config value "installed_paths" added successfully me@home:~/code/phpcs-security-audit$ phpcs -i The installed coding standards are Zend, MySource, PEAR, PSR2, PSR12, Squiz, PSR1 and Security
Cheers,
Ben
I had the same problem as @bencornwell.
I copied the Security/
folder from this repository to /home/me/.composer/vendor/php_codesniffer/CodeSniffer/Standards
but unfortunately phpcs in version 3.4.1 didn't show it when running phpcs -i
After running
phpcs --config-set installed_paths /home/me/.composer/vendor/php_codesniffer/CodeSniffer/Standards/Security
the output of phpcs -i
displayed Security
When i attempt to run phpcs with the example rulesets, I get the following errors:
Fatal error: Uncaught exception 'PHP_CodeSniffer_Exception' with message 'Referenced sniff Security.BadFunctions.Asserts does not exist' in /Users/tim/dev/bcc_test/vendor/squizlabs/php_codesniffer/CodeSniffer.php on line 876
It seems like it is unable to convert the rules in the ruleset file into paths to the PHP files. Could you possibly provide any info on how this works and or a way to fix the issue?