Skip to content
This repository was archived by the owner on Feb 17, 2026. It is now read-only.

govCMS/DrupalSecurity

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

27 Commits
DrupalSecurity
DrupalSecurity
 
 
CHANGELOG.md
CHANGELOG.md
 
 
README.md
README.md
 
 
composer.json
composer.json
 
 

Repository files navigation

DrupalSecurity

DrupalSecurity is a library for automated Drupal code security reviews. It defines rules for PHP_CodeSniffer

Note that Javascript has not been supported yet. To check and fix Javascript files please use ESLint and see the Drupal ESLint documentation.

Global installation

First, install composer if you haven't already:

brew install composer

Then install with composer PHP_Codesniffer, PHPCSUtils, and Drupal Coder:

composer global require --dev drupal/coder 
composer global require --dev phpcsstandards/phpcsutils

Next, make the phpcs command globally available. Assuming you are running zsh:

echo 'export PATH="$PATH:$HOME/.composer/vendor/bin"' >> ~/.zshrc
zsh # Reload shell so phpcs is immediately available

Clone this repository to a location of your choice. Once you have done this, save the path to a variable:

DS_PATH=/path/to/DrupalSecurity

Then add this repository to PHPCS's set of available standards:

ORIG_PATHS=$(phpcs --config-show | sed -n 's/^installed_paths: //p')
phpcs --config-set installed_paths ${ORIG_PATHS},${DS_PATH}

If it is installed correctly, DrupalSecurity should appear in the list of standards when running phpcs -i.

Usage

Check Drupal Security standards

phpcs --standard=DrupalSecurity --extensions=php,module,inc,install,theme,yml,twig /path/to/drupal/module

About

PHP code sniffer plugin for Drupal code security audit.

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages

  • PHP 99.3%
  • Other 0.7%