Skip to content

drupal-spider/DrupalSecurity

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

38 Commits
DrupalSecurity
DrupalSecurity
 
 
CHANGELOG.md
CHANGELOG.md
 
 
README.md
README.md
 
 
composer.json
composer.json
 
 

Repository files navigation

DrupalSecurity

DrupalSecurity is a library for automated Drupal code security reviews. It defines rules for PHP_CodeSniffer

Note that Javascript has not been supported yet. To check and fix Javascript files please use ESLint and see the Drupal ESLint documentation.

Global installation

composer global require "squizlabs/php_codesniffer=*"
composer global require drupal-spider/drupalsecurity

Make sure you have the composer bin dir in your PATH. The default value is ~/.composer/vendor/bin/, but you can check the value that you need to use by running composer global config bin-dir --absolute.

Usage

Check Drupal Security standards

phpcs --standard=DrupalSecurity  --ignore='*/tests/*' --extensions=php,module,inc,install,theme,yml,twig [/file/to/drupal/module]

List all sniffers

phpcs --standard=DrupalSecurity -e

About

PHP code sniffer plugin for Drupal code security audit.

Topics

security security-audit drupal php-codesniffer phpcs security-scanner security-testing security-scan

Resources

Readme
Activity

Stars

2 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases 8

1.2.3 Latest
Nov 8, 2025
+ 7 releases

Packages

No packages published

Languages