phpcs
phpcs documentation
- Version in MegaLinter: 3.11.1
- Visit Official Web Site
- See How to configure phpcs rules
- If custom
phpcs.xmlconfig file isn't found, phpcs.xml will be used
- If custom
- See How to disable phpcs rules in files
- See How to ignore files and directories with phpcs
- See Index of problems detected by phpcs
Configuration in MegaLinter
- Enable phpcs by adding
PHP_PHPCSin ENABLE_LINTERS variable - Disable phpcs by adding
PHP_PHPCSin DISABLE_LINTERS variable
| Variable | Description | Default value |
|---|---|---|
| PHP_PHPCS_ARGUMENTS | User custom arguments to add in linter CLI call Ex: -s --foo "bar" |
|
| PHP_PHPCS_COMMAND_REMOVE_ARGUMENTS | User custom arguments to remove from command line before calling the linter Ex: -s --foo "bar" |
|
| PHP_PHPCS_FILTER_REGEX_INCLUDE | Custom regex including filter Ex: (src\|lib) |
Include every file |
| PHP_PHPCS_FILTER_REGEX_EXCLUDE | Custom regex excluding filter Ex: (test\|examples) |
Exclude no file |
| PHP_PHPCS_CLI_LINT_MODE | Override default CLI lint mode - file: Calls the linter for each file- list_of_files: Call the linter with the list of files as argument- project: Call the linter from the root of the project |
list_of_files |
| PHP_PHPCS_FILE_EXTENSIONS | Allowed file extensions. "*" matches any extension, "" matches empty extension. Empty list excludes all filesEx: [".py", ""] |
[".php"] |
| PHP_PHPCS_FILE_NAMES_REGEX | File name regex filters. Regular expression list for filtering files by their base names using regex full match. Empty list includes all files Ex: ["Dockerfile(-.+)?", "Jenkinsfile"] |
Include every file |
| PHP_PHPCS_PRE_COMMANDS | List of bash commands to run before the linter | None |
| PHP_PHPCS_POST_COMMANDS | List of bash commands to run after the linter | None |
| PHP_PHPCS_UNSECURED_ENV_VARIABLES | List of env variables explicitly not filtered before calling PHP_PHPCS and its pre/post commands | None |
| PHP_PHPCS_CONFIG_FILE | phpcs configuration file nameUse LINTER_DEFAULT to let the linter find it |
phpcs.xml |
| PHP_PHPCS_RULES_PATH | Path where to find linter configuration file | Workspace folder, then MegaLinter default rules |
| PHP_PHPCS_DISABLE_ERRORS | Run linter but consider errors as warnings | false |
| PHP_PHPCS_DISABLE_ERRORS_IF_LESS_THAN | Maximum number of errors allowed | 0 |
| PHP_PHPCS_CLI_EXECUTABLE | Override CLI executable | ['phpcs'] |
IDE Integration
Use phpcs in your favorite IDE to catch errors before MegaLinter !
MegaLinter Flavors
This linter is available in the following flavors
| Flavor | Description | Embedded linters | Info | |
|---|---|---|---|---|
 |
all | Default MegaLinter Flavor | 124 |   |
| cupcake | MegaLinter for the most commonly used languages | 83 |   |
|
| php | Optimized for PHP based projects | 54 |   |
Behind the scenes
How are identified applicable files
- File extensions:
.php
How the linting is performed
- phpcs is called once with the list of files as arguments (
list_of_filesCLI lint mode)
Example calls
phpcs myfile.php
phpcs --standard=phpcs.xml myfile.php
phpcs --standard=phpcs.xml mydir/ myfile.php
Help content
Usage:
phpcs [options] <file|directory>
Scan targets:
<file|directory> One or more files and/or directories to check,
space separated.
- Check STDIN instead of local files and
directories.
--stdin-path=<stdinPath> If processing STDIN, the file path that STDIN
will be processed as.
--file-list=<fileList> Check the files and/or directories which are
defined in the file to which the path is
provided (one per line).
--filter=<filter> Check based on a predefined file filter. Use
either the "GitModified" or "GitStaged" filter,
or specify the path to a custom filter class.
--ignore=<patterns> Ignore files based on a comma-separated list of
patterns matching files and/or directories.
--extensions=<extensions> Check files with the specified file extensions
(comma-separated list). Defaults to
php,inc/php,js,css.
The type of the file can be specified using:
ext/type; e.g. module/php,es/js.
-l Check local directory only, no recursion.
Rule Selection Options:
--standard=<standard> The name of, or the path to, the coding
standard to use. Can be a comma-separated list
specifying multiple standards. If no standard
is specified, PHP_CodeSniffer will look for a
[.]phpcs.xml[.dist] custom ruleset file in the
current directory and those above it.
--sniffs=<sniffs> A comma-separated list of sniff codes to limit
the scan to. All sniffs must be part of the
standard in use.
--exclude=<sniffs> A comma-separated list of sniff codes to
exclude from the scan. All sniffs must be part
of the standard in use.
-i Show a list of installed coding standards.
-e Explain a standard by showing the names of all
the sniffs it includes.
--generator=<generator> Show documentation for a standard. Use either
the "HTML", "Markdown" or "Text" generator.
Run Options:
-a Run in interactive mode, pausing after each
file.
--bootstrap=<bootstrap> Run the specified file(s) before processing
begins. A list of files can be provided,
separated by commas.
--cache[=<cacheFile>] Cache results between runs. Optionally,
<cacheFile> can be provided to use a specific
file for caching. Otherwise, a temporary file
is used.
--no-cache Do not cache results between runs (default).
--parallel=<processes> The number of files to be checked
simultaneously. Defaults to 1 (no parallel
processing).
If enabled, this option only takes effect if
the PHP PCNTL (Process Control) extension is
available.
-d <key[=value]> Set the [key] php.ini value to [value] or set
to [true] if value is omitted.
Note: only php.ini settings which can be
changed at runtime are supported.
Reporting Options:
--report=<report> Print either the "full", "xml", "checkstyle",
"csv", "json", "junit", "emacs", "source",
"summary", "diff", "svnblame", "gitblame",
"hgblame", "notifysend" or "performance" report
or specify the path to a custom report class.
By default, the "full" report is displayed.
--report-file=<reportFile> Write the report to the specified file path.
--report-<report>=<reportFile> Write the report specified in <report> to the
specified file path.
--report-width=<reportWidth> How many columns wide screen reports should be.
Set to "auto" to use current screen width,
where supported.
--basepath=<basepath> Strip a path from the front of file paths
inside reports.
-w Include both warnings and errors (default).
-n Do not include warnings. Shortcut for
"--warning-severity=0".
--severity=<severity> The minimum severity required to display an
error or warning. Defaults to 5.
--error-severity=<severity> The minimum severity required to display an
error. Defaults to 5.
--warning-severity=<severity> The minimum severity required to display a
warning. Defaults to 5.
-s Show sniff error codes in all reports.
--ignore-annotations Ignore all "phpcs:..." annotations in code
comments.
--colors Use colors in screen output.
--no-colors Do not use colors in screen output (default).
-p Show progress of the run.
-q Quiet mode; disables progress and verbose
output.
-m Stop error messages from being recorded. This
saves a lot of memory but stops many reports
from being used.
Configuration Options:
--encoding=<encoding> The encoding of the files being checked.
Defaults to "utf-8".
--tab-width=<tabWidth> The number of spaces each tab represents.
Default values for a selection of options can be stored in a user-specific
CodeSniffer.conf configuration file.
This applies to the following options: "default_standard", "report_format",
"tab_width", "encoding", "severity", "error_severity", "warning_severity",
"show_warnings", "report_width", "show_progress", "quiet", "colors", "cache",
"parallel".
--config-show Show the configuration options which are
currently stored in the applicable
CodeSniffer.conf file.
--config-set <key> <value> Save a configuration option to the
CodeSniffer.conf file.
--config-delete <key> Delete a configuration option from the
CodeSniffer.conf file.
--runtime-set <key> <value> Set a configuration option to be applied to the
current scan run only.
Miscellaneous Options:
-h, -?, --help Print this help message.
--version Print version information.
-v Verbose output: Print processed files.
-vv Verbose output: Print ruleset and token output.
-vvv Verbose output: Print sniff processing
information.
Installation on mega-linter Docker image
- Dockerfile commands :
# Parent descriptor install
RUN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" \
&& export GITHUB_AUTH_TOKEN \
&& wget --tries=5 -q -O phive.phar https://phar.io/releases/phive.phar \
&& wget --tries=5 -q -O phive.phar.asc https://phar.io/releases/phive.phar.asc \
&& PHAR_KEY_ID="0x6AF725270AB81E04D79442549D8A98B29B2D5D79" \
&& ( gpg --keyserver hkps://keys.openpgp.org --recv-keys "$PHAR_KEY_ID" \
|| gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys "$PHAR_KEY_ID" \
|| gpg --keyserver keyserver.pgp.com --recv-keys "$PHAR_KEY_ID" \
|| gpg --keyserver pgp.mit.edu --recv-keys "$PHAR_KEY_ID" ) \
&& gpg --verify phive.phar.asc phive.phar \
&& chmod +x phive.phar \
&& mv phive.phar /usr/local/bin/phive \
&& rm phive.phar.asc \
&& update-alternatives --install /usr/bin/php php /usr/bin/php83 110
COPY --from=composer/composer:2-bin /composer /usr/bin/composer
ENV PATH="/root/.composer/vendor/bin:${PATH}"
# Linter install
RUN GITHUB_AUTH_TOKEN="$(cat /run/secrets/GITHUB_TOKEN)" && export GITHUB_AUTH_TOKEN && composer global require squizlabs/php_codesniffer bartlett/sarif-php-converters "1.0.x-dev#8ed4611 as 1.0.0"