Repository files navigation

PHP_CodeSniffer is a set of two PHP scripts; the mainphpcs script that tokenizes PHP files to detect violations of a defined coding standard, and a secondphpcbf script to automatically correct coding standard violations. PHP_CodeSniffer is an essential development tool that ensures your code remains clean and consistent.

PHP_CodeSniffer requires PHP version 7.2.0 or greater, although individual sniffs may have additional requirements such as external applications and scripts. See theConfiguration Options manual page for a list of these requirements.

If you're using PHP_CodeSniffer as part of a team, or you're running it on aCI server, you may want to configure your project's settingsusing a configuration file.

The easiest way to get started with PHP_CodeSniffer is to download the Phar files for each of the commands:

# Download using curlcurl -OL https://phars.phpcodesniffer.com/phpcs.pharcurl -OL https://phars.phpcodesniffer.com/phpcbf.phar# Or download using wgetwget https://phars.phpcodesniffer.com/phpcs.pharwget https://phars.phpcodesniffer.com/phpcbf.phar# Then test the downloaded PHARsphp phpcs.phar -hphp phpcbf.phar -h

These Phars are signed with the official Release key for PHPCS with thefingerprintD91D 8696 3AF3 A29B 6520 4622 97B0 2DD8 E507 1466.

As of PHP_CodeSniffer 3.10.3, the provenance of PHAR files associated with a release can be verified viaGitHub Artifact Attestations using theGitHub CLI tool with the following command:gh attestation verify [phpcs|phpcbf].phar -o PHPCSStandards.

If you use Composer, you can install PHP_CodeSniffer system-wide with the following command:

composer global require"squizlabs/php_codesniffer=*"

Make sure you have the composer bin dir in your PATH. The default value is~/.composer/vendor/bin/, but you can check the value that you need to use by runningcomposer global config bin-dir --absolute.

Or alternatively, include a dependency forsquizlabs/php_codesniffer in yourcomposer.json file. For example:

{"require-dev": {"squizlabs/php_codesniffer":"^4.0"    }}

You will then be able to run PHP_CodeSniffer from the vendor bin directory:

./vendor/bin/phpcs -h./vendor/bin/phpcbf -h

If you use Phive, you can install PHP_CodeSniffer as a project tool using the following commands:

phive install --trust-gpg-keys D91D86963AF3A29B6520462297B02DD8E5071466 phpcsphive install --trust-gpg-keys D91D86963AF3A29B6520462297B02DD8E5071466 phpcbf

You will then be able to run PHP_CodeSniffer from thetools directory:

./tools/phpcs -h./tools/phpcbf -h

You can also download the PHP_CodeSniffer source and run thephpcs andphpcbf commands directly from the Git clone:

git clone https://github.com/PHPCSStandards/PHP_CodeSniffer.gitcd PHP_CodeSnifferphp bin/phpcs -hphp bin/phpcbf -h

The default coding standard used by PHP_CodeSniffer is the PSR12 coding standard. To check a file against the PSR12 coding standard, simply specify the file's location:

phpcs /path/to/code/myfile.php

Or if you wish to check an entire directory you can specify the directory location instead of a file.

phpcs /path/to/code-directory

If you wish to check your code against the PEAR coding standard, use the--standard command line argument:

phpcs --standard=PEAR /path/to/code-directory

If PHP_CodeSniffer finds any coding standard errors, a report will be shown after running the command.

Full usage information and example reports are available on theusage page.

The documentation for PHP_CodeSniffer is available on theGitHub wiki.

Bug reports and feature requests can be submitted on theGitHub Issue Tracker.

SeeCONTRIBUTING.md for information.

PHP_CodeSniffer uses aMAJOR.MINOR.PATCH version number format.

TheMAJOR version is incremented when:

• backwards-incompatible changes are made to how thephpcs orphpcbf commands are used, or
• backwards-incompatible changes are made to theruleset.xml format, or
• backwards-incompatible changes are made to the API used by sniff developers, or
• custom PHP_CodeSniffer token types are removed, or
• existing sniffs are removed from PHP_CodeSniffer entirely

TheMINOR version is incremented when:

• new backwards-compatible features are added to thephpcs andphpcbf commands, or
• backwards-compatible changes are made to theruleset.xml format, or
• backwards-compatible changes are made to the API used by sniff developers, or
• new sniffs are added to an included standard, or
• existing sniffs are removed from an included standard

NOTE: Backwards-compatible changes to the API used by sniff developers will allow an existing sniff to continue running without producing fatal errors but may not result in the sniff reporting the same errors as it did previously without changes being required.

ThePATCH version is incremented when:

• backwards-compatible bug fixes are made

NOTE: As PHP_CodeSniffer exists to report and fix issues, most bugs are the result of coding standard errors being incorrectly reported or coding standard errors not being reported when they should be. This means that the messages produced by PHP_CodeSniffer, and the fixes it makes, are likely to be different between PATCH versions.