-
Notifications
You must be signed in to change notification settings - Fork 5
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
0 parents
commit b470069
Showing
6 changed files
with
212 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| /.idea/ | ||
| /vendor/ | ||
| composer.lock |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,58 @@ | ||
| # Code Quality | ||
|
|
||
| This composer package will provide some basic code quality checks before commiting code by using | ||
| https://github.com/phpro/grumphp. | ||
|
|
||
| It checks only modified files or new files. | ||
|
|
||
| ## Checks performed | ||
|
|
||
| This repository currently has following checks: | ||
|
|
||
| * PHP Drupal Coding Standards | ||
| * PHP 7.3 Compatibility | ||
| * PHP syntax | ||
| * Shell script exec bits | ||
| * PHP Code security | ||
|
|
||
| ## Pre-requisites | ||
|
|
||
| * Composer | ||
|
|
||
| ## Installation | ||
|
|
||
| This needs to be done only once either while creating a project or enabling code checks in existing project. | ||
|
|
||
| ``` | ||
| composer require wunderio/code-quality --dev | ||
| cp vendor/wunderio/code-quality/grumphp.yml.dist ./grumphp.yml | ||
| ``` | ||
|
|
||
| The commit hook for GrumPHP is automatically installed on composer require. | ||
|
|
||
| ## Custom PHP CodeSniffer rules | ||
|
|
||
| If you need to customize the rules for PHP CodeSniffer then drop in phpcs.xml in the same | ||
| folder as composer.json and configure grumphp.yml: | ||
| ````yml | ||
| parameters: | ||
| tasks: | ||
| phpcs: | ||
| standard: | ||
| - phpcs.xml | ||
| ```` | ||
|
|
||
| ## Usage | ||
|
|
||
| The pre-commit hook will be automatically run upon executing `git commit`. | ||
|
|
||
| The code scanning can be avoided by `git commit --no-verify`. | ||
|
|
||
| You can run the checks manually with: `./bin/grumphp run` | ||
|
|
||
| ## Usage in Continuous Integration | ||
| You can easily use the code quality checkers on your CI (Jenkins/GitLab CI) by adding this line: | ||
|
|
||
| ``` | ||
| ./bin/grumphp run --no-ansi --no-interaction | ||
| ``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,36 @@ | ||
| { | ||
| "name": "wunderio/code-quality", | ||
| "description": "Code Quality checker wrapper for GrumPHP", | ||
| "type": "project", | ||
| "authors": [ | ||
| { | ||
| "name": "Hannes Kirsman", | ||
| "email": "hannes.kirsman@wunder.io" | ||
| }, | ||
| { | ||
| "name": "Ragnar Kurm", | ||
| "email": "ragnar.kurm@wunder.io" | ||
| }, | ||
| { | ||
| "name": "Guntis Jakovins", | ||
| "email": "guntis.jakovins@wunder.io" | ||
| }, | ||
| { | ||
| "name": "Marc Galang", | ||
| "email": "marc.galang@wunder.io" | ||
| }, | ||
| { | ||
| "name": "Lauris Kuznecovs", | ||
| "email": "lauris.kuznecovs@wunder.ioo" | ||
| } | ||
| ], | ||
| "require": { | ||
| "phpro/grumphp": "^0.15", | ||
| "drupal/coder": "^8", | ||
| "phpcompatibility/php-compatibility": "^9", | ||
| "wunderio/grumphp-php-compatibility": "^0.2.1", | ||
| "wunderio/grumphp-php-check-syntax": "^0.1.0", | ||
| "wunderio/grumphp-file-permissions": "^0.1.0", | ||
| "pheromone/phpcs-security-audit": "^2.0" | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,28 @@ | ||
| parameters: | ||
| tasks: | ||
| php_compatibility: | ||
| testVersion: "7.3" | ||
| triggered_by: [php, inc, module, install] | ||
| check_file_permissions: ~ | ||
| php_check_syntax: | ||
| ignore_patterns: [] | ||
| triggered_by: | ||
| - php | ||
| - module | ||
| - inc | ||
| phpcs: | ||
| standard: | ||
| - vendor/hkirsman/code-quality/phpcs.xml | ||
| - vendor/hkirsman/code-quality/phpcs-security.xml | ||
| ignore_patterns: | ||
| - cfg/ | ||
| - libraries/ | ||
| triggered_by: | ||
| - php | ||
| - module | ||
| - inc | ||
| report_width: 120 | ||
| extensions: | ||
| - wunderio\PhpCompatibilityTask\ExtensionLoader | ||
| - wunderio\PhpCheckSyntaxTask\ExtensionLoader | ||
| - wunderio\CheckFilePermissions\ExtensionLoader |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,50 @@ | ||
| <?xml version="1.0"?> | ||
| <!-- See http://pear.php.net/manual/en/package.php.php-codesniffer.annotated-ruleset.php --> | ||
| <ruleset name="Security Audit"> | ||
| <description>Security audit rules</description> | ||
|
|
||
| <config name="installed_paths" value="vendor/pheromone/phpcs-security-audit/Security" /> | ||
|
|
||
| <!-- exclude some Drupal files that contain issues --> | ||
| <exclude-pattern>*default.settings.php</exclude-pattern> | ||
|
|
||
| <!-- exclude minified files --> | ||
| <exclude-pattern>*.min.*</exclude-pattern> | ||
|
|
||
| <!-- exclude third-party node modules --> | ||
| <exclude-pattern>node_modules/</exclude-pattern> | ||
|
|
||
| <!-- exclude CSS files, where we don't usually follow Drupal standards --> | ||
| <exclude-pattern>*.css</exclude-pattern> | ||
|
|
||
| <!-- Security Code Reviews Rules --> | ||
|
|
||
| <!-- Global properties --> | ||
| <!-- Please note that not every sniff uses them and they can be overwritten by rule --> | ||
| <!-- Paranoya mode: Will generate more alerts but will miss less vulnerabilites. Good for assisting manual code review. --> | ||
| <config name="ParanoiaMode" value="1"/> | ||
|
|
||
| <!-- BadFunctions --> | ||
| <!-- PHP functions that can lead to security issues --> | ||
| <rule ref="Security.BadFunctions.Asserts"/> | ||
| <rule ref="Security.BadFunctions.Backticks"/> | ||
| <rule ref="Security.BadFunctions.CallbackFunctions"/> | ||
| <rule ref="Security.BadFunctions.CryptoFunctions"/> | ||
| <rule ref="Security.BadFunctions.EasyRFI"/> | ||
| <rule ref="Security.BadFunctions.EasyXSS"> | ||
| <properties> | ||
| <!-- Comment out to follow global ParanoiaMode --> | ||
| <property name="forceParanoia" value="1"/> | ||
| </properties> | ||
| </rule> | ||
| <rule ref="Security.BadFunctions.ErrorHandling"/> | ||
| <rule ref="Security.BadFunctions.FilesystemFunctions"/> | ||
| <rule ref="Security.BadFunctions.FringeFunctions"/> | ||
| <rule ref="Security.BadFunctions.FunctionHandlingFunctions"/> | ||
| <rule ref="Security.BadFunctions.Mysqli"/> | ||
| <rule ref="Security.BadFunctions.NoEvals"/> | ||
| <rule ref="Security.BadFunctions.Phpinfos"/> | ||
| <rule ref="Security.BadFunctions.PregReplace"/> | ||
| <rule ref="Security.BadFunctions.SQLFunctions"/> | ||
| <rule ref="Security.BadFunctions.SystemExecFunctions"/> | ||
| </ruleset> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,37 @@ | ||
| <?xml version="1.0"?> | ||
| <!-- See http://pear.php.net/manual/en/package.php.php-codesniffer.annotated-ruleset.php --> | ||
| <ruleset name="Relax Drupal"> | ||
| <description>Drupal coding standard</description> | ||
|
|
||
| <config name="installed_paths" value="vendor/drupal/coder/coder_sniffer/Drupal" /> | ||
|
|
||
| <!-- exclude some Drupal files that contain issues --> | ||
| <exclude-pattern>*default.settings.php</exclude-pattern> | ||
|
|
||
| <!-- exclude minified files --> | ||
| <exclude-pattern>*.min.*</exclude-pattern> | ||
|
|
||
| <!-- exclude third-party node modules --> | ||
| <exclude-pattern>node_modules/</exclude-pattern> | ||
|
|
||
| <!-- exclude CSS files, where we don't usually follow Drupal standards --> | ||
| <exclude-pattern>*.css</exclude-pattern> | ||
|
|
||
| <rule ref="Drupal"> | ||
| <exclude name="Drupal.Files.TxtFileLineLength" /> | ||
| <exclude name="Drupal.InfoFiles.AutoAddedKeys" /> | ||
| </rule> | ||
|
|
||
| <!-- force short array notation - [] --> | ||
| <rule ref="Generic.Arrays.DisallowLongArraySyntax.Found"> | ||
| <type>error</type> | ||
| </rule> | ||
|
|
||
| <rule ref="Drupal.Files.LineLength"> | ||
| <properties> | ||
| <!-- Be a bit more tolerant when it comes to line lengths --> | ||
| <property name="lineLimit" value="110"/> | ||
| </properties> | ||
| <type>error</type> | ||
| </rule> | ||
| </ruleset> |