PHPMD Converter
Note
Available since version 1.0.0
Table Of Contents
Requirements
- PHP Mess Detector requires PHP version 5.3.9 or greater, with
xmlextensions loaded - This SARIF converter requires at least PHPMD version 2.0, but version 3.0 is highly recommended.
Version 3.x is still under development,
but the Bartlett\Sarif\Converter\Reporter\PhpMdRenderer class is ready to use new feature
(Simplify load of external custom renderer).
Until this feature is GA into official PHPMD repository, you can use such composer.json requirements
{
"minimum-stability": "dev",
"require-dev": {
"phpmd/phpmd": "3.x-dev"
}
}
Installation
composer require --dev phpmd/phpmd bartlett/sarif-php-converters
Usage
Warning
As PHMMD v2.15 is not able to specify/boot custom renderer easily, we have no other alternative that using the Console Tool convert command.
Step 1: Build the checkstyle output report
vendor/bin/phpmd /path/to/source checkstyle ruleset --report-file=checkstyle.xml
Step 2: And finally, convert it to SARIF with the Console Tool
php report-converter convert phpmd --input-format=checkstyle --input-file=examples/phpmd/checkstyle.xml -v
Tip
- Without verbose option (
-v) the Console Tool will print a compact SARIF version. --output-fileoption allows to write a copy of the report to a file. By default, the Console Tool will always print the specified report to the standard output.
Alternative usage
Note
When PHPMD 3.0 will be GA, you can use this alternative
Step 1: Build the sarif output report directly via the default Bartlett\Sarif\Converter\Reporter\PhpMdRenderer
vendor/bin/phpmd /path/to/source '\Bartlett\Sarif\Converter\Reporter\PhpMdRenderer' ruleset --bootstrap vendor/autoload.php --report-file=sarif.json
Learn more
- See demo
examples/phpmd/directory into this repository.
IDE Integration
The SARIF report file [*].sarif.json is automagically recognized and interpreted by PhpStorm (2024).
Web SARIF viewer
With the React based component, you are able to explore a sarif report file previously generated.
For example:
