drupal-spider / drupalsecurity

Drupal Security is a library to review security issue of Drupal code.

Maintainers

Details

github.com/drupal-spider/DrupalSecurity

Homepage

Source

Issues

Installs: 18

Dependents: 0

Suggesters: 0

Security: 0

Stars: 2

Watchers: 1

Forks: 2

Open Issues: 0

Type:phpcodesniffer-standard

pkg:composer/drupal-spider/drupalsecurity

1.2.3 2025-11-08 00:03 UTC

Requires

Requires (Dev)

phpunit/phpunit: >=3.7 <6

Suggests

None

Provides

None

Conflicts

None

Replaces

None

GPL-2.0+ 81d58d3b01e9b43ee8cc706cef8f88e4c4855b3f

security drupal standards phpcs code review

dev-1.x-master
1.2.3
1.2.2
1.2.1
1.2.0
1.1.1

This package is auto-updated.

Last update: 2025-11-23 22:48:23 UTC

README

DrupalSecurity is a library for automated Drupal code security reviews. It defines rules for PHP_CodeSniffer

Note that Javascript has not been supported yet. To check and fix Javascript files please use ESLint and see the Drupal ESLint documentation.

Global installation

composer global require "squizlabs/php_codesniffer=*"
composer global require drupal-spider/drupalsecurity

Make sure you have the composer bin dir in your PATH. The default value is ~/.composer/vendor/bin/, but you can check the value that you need to use by running composer global config bin-dir --absolute.

Usage

Check Drupal Security standards

phpcs --standard=DrupalSecurity  --ignore='*/tests/*' --extensions=php,module,inc,install,theme,yml,twig [/file/to/drupal/module]

List all sniffers

phpcs --standard=DrupalSecurity -e