Comments (9)
jrfnl
commented on July 17, 2024
@nikitastupin I know virtually nothing about Docker, but I can tell you that the install instructions have changed with c36e8c6, which will be in the next major.
Did you update your Docker build script with the new install instructions ?
from phpcs-security-audit.
jmarcil
commented on July 17, 2024
That error can be when it cannot find the phpcs sniff due to wrong installed_paths. By default it is a relative path, and might work better if we set something absolute in Docker.
Can you try to add this line before WORKDIR /tmp in the Dockerfile:
RUN /tmp/vendor/bin/phpcs --config-set installed_paths /tmp/vendor/pheromone/phpcs-security-audit/
from phpcs-security-audit.
jrfnl
commented on July 17, 2024
@jmarcil That shouldn't be needed as the dealerdirect/phpcodesniffer-composer-installer composer plugin should set that automatically.
@nikitastupin What does phpcs -i return ?
from phpcs-security-audit.
nikitastupin
commented on July 17, 2024
I've added this line and error gone!
What does phpcs -i return ?
The installed coding standards are MySource, PEAR, PSR12, PSR2, Zend, Squiz and PSR1
from phpcs-security-audit.
jrfnl
commented on July 17, 2024
The installed coding standards are MySource, PEAR, PSR12, PSR2, Zend, Squiz and PSR1
Hmm.. that doesn't look right... in that case you should still get the error. Could it be that there are multiple PHPCS installs in the image ? and that this one is a different one from the one containing the Security standard ?
What about vendor/bin/phpcs -i ?
from phpcs-security-audit.
nikitastupin
commented on July 17, 2024
Hmm.. that doesn't look right... in that case you should still get the error. Could it be that there are multiple PHPCS installs in the image ? and that this one is a different one from the one containing the Security standard ?
I did phpcs -i on image that returns the error :)
After that I've added RUN /tmp/vendor/bin/phpcs --config-set installed_paths /tmp/vendor/pheromone/phpcs-security-audit/ to Dockerfile and error has gone!
from phpcs-security-audit.
jmarcil
commented on July 17, 2024
@nikitastupin can you create a pull request with that fix? I'll promptly merge it.
from phpcs-security-audit.
nikitastupin
commented on July 17, 2024
Done #64
from phpcs-security-audit.
jmarcil
commented on July 17, 2024
OK now master should be "fixed". I've done this just to have a working state as I'm not sure when this will be properly fixed.
My take on this is that phpcodesniffer-composer-installer doesn't work properly within our Docker environment and it's probably setting the wrong installed_paths for whatever reason.
I still haven't created/tested any composer package with what we have so far, so maybe that's a problem regardless of Docker.
Also, I noticed that in the instruction we're supposed to do --dev (but yet we don't use require-dev in composer.json?) and the docker file doesn't do --dev. Maybe that's why phpcodesniffer-composer-installer is ineffective?
@nikitastupin I'll close this issue, as the bug is resolved with your PR, but I'd appreciate a lot if you could figure out (maybe with some help from @jrfnl) what is wrong with Docker / our package right now.
from phpcs-security-audit.
Related Issues (20)
- Fix compliance of project with PHPCS HOT 10
- Strings as assert expressions are deprecated. HOT 4
- Figure out repo organization and ownership for the future
- Add CI/build testing HOT 6
- Add sniff specific unit tests HOT 6
- PR #50 breaks drupal7 usage HOT 1
- $utils::is_token_false_positive is fiddly and unstable HOT 1
- Solving EasyRFI via new EasyRFINotice severity HOT 7
- Create new release to fix deprecation warnings HOT 8
- Unable to view Security coding standard after Composer install HOT 3
- ERROR: Referenced sniff "Security.BadFunctions.Asserts" does not exist HOT 2
- Windows user, Unable to find phpcs command or bin file HOT 1
- Update security rulesets
- Potential vulnerabilities are being hidden with concatenation
- Installation instructions not working HOT 1
- Add support for native function imports
- Callback functions warnings
- file_put_contents warning about dynamic parameter
- Question for ErrMiscIncludeMismatchNoExt
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from phpcs-security-audit.