Skip to content

Easy-Coding-Standard Converter

easy-coding-standard/easy-coding-standard - GitHub

Note

Available since version 1.0.0

Table Of Contents

  1. Requirements
  2. Installation
  3. Usage
  4. Learn more
  5. IDE Integration
  6. Web SARIF viewer

ecs converter

Requirements

  • Easy-Coding-Standard requires PHP version 7.2.0 or greater,
  • This SARIF converter requires at least Easy-Coding-Standard version 12.3.1

Installation

composer require --dev symplify/easy-coding-standard bartlett/sarif-php-converters

Usage

Warning

As Easy-Coding-Standard is not able to load custom output format on fly without to modify the LazyContainerFactory (see e.g: add junit output formatter), we have no other alternative that using the Console Tool convert command.

Create a basic ECS config file

For example :

<?php

declare(strict_types=1);

use PhpCsFixer\Fixer\Import\NoUnusedImportsFixer;
use Symplify\EasyCodingStandard\Config\ECSConfig;

return ECSConfig::configure()
    ->withPaths([
        __DIR__ . '/examples',
        __DIR__ . '/src',
        __DIR__ . '/tests',
    ])

    // Report absolute path on filenames
    ->withRealPathReporting(true)

    // add a single rule
    ->withRules([
        NoUnusedImportsFixer::class,
    ])

    // add sets - group of rules
    ->withPreparedSets(
         arrays: true,
         namespaces: true,
         spaces: true,
         docblocks: true,
         comments: true,
    )
;

Build the native checkstyle output report

vendor/bin/ecs check --output-format=checkstyle > examples/ecs/checkstyle.xml

Warning

Be sure to specify absolute path to source code to analyze, otherwise the Console Tool convert command will raise some warnings about file names.

Add into your ecs.php config file, at least the following directive (available only since version 12.3.1) :

<?php
return ECSConfig::configure()->withRealPathReporting(true);

And finally, convert it to SARIF with the Console Tool

php report-converter convert ecs --input-format=checkstyle --input-file=examples/ecs/checkstyle.xml -v

Tip

  • Without verbose option (-v) the Console Tool will print a compact SARIF version.
  • --output-file option allows to write a copy of the report to a file. By default, the Console Tool will always print the specified report to the standard output.

Learn more

IDE Integration

The SARIF report file [*].sarif.json is automagically recognized and interpreted by PhpStorm (2024).

PHPStorm integration

Web SARIF viewer

With the React based component, you are able to explore a sarif report file previously generated.

For example:

sarif-web-ecs