phpcs security audit v3

We have hosted the application phpcs security audit v3 in order to run this application in our online workstations with Wine or directly.

Quick description about phpcs security audit v3:

phpcs-security-audit is a set of PHP_CodeSniffer rules that finds vulnerabilities and weaknesses related to security in PHP code. It currently has core PHP rules as well as Drupal 7-specific rules. The tool also checks for CVE issues and security advisories related to the CMS/framework. This enables you to follow the versioning of components during static code analysis. The main reason for this project being an extension of PHP_CodeSniffer is to have easy integration into continuous integration systems. It also allows for finding security bugs that are not detected with some object-oriented analysis (such as PHPMD). phpcs-security-audit in its beginning was backed by Pheromone (later on named Floe Design + Technologies) and written by Jonathan Marcil. Requires PHP CodeSniffer version 3.1.0 or higher with PHP 5.4 or higher.

Features:

• Requires PHP CodeSniffer version 3.1.0 or higher with PHP 5.4 or higher
• Simply set the standard to Security or point to any XML ruleset file and to a folder to scan
• ParanoiaMode: set to 0 to reduce false positive. set to 1 (default) to be a lot more verbose
• As with the normal PHP CodeSniffer rules, customization is provided in the XML files
• It currently has core PHP rules as well as Drupal 7 specific rules
• The tool also checks for CVE issues and security advisories related to the CMS/framework

Programming Language: PHP.
Categories: