@sgiehl opened this Pull Request on November 19th 2020 Member

Description:

In order to improve our code quality a bit, it would imho be awesome by stating to introduce automatic PHPCS checks.
I've started with a very basic ruleset, that only disallows the usage of short open tags and forces using \n as line endings.

There is also a new workflow, that will automatically run for Pull Requests, so it can be directly seen if a PR breaks any coding rules.

If that PR get's merged I would add some other rules step by step and directly provide fixes for code that doesn't comply. Maybe anyone else also has some suggestions for rules we should use.

Review

  • [ ] Functional review done
  • [ ] Usability review done (is anything maybe unclear or think about anything that would cause people to reach out to support)
  • [ ] Security review done see checklist
  • [ ] Code review done
  • [ ] Tests were added if useful/possible
  • [ ] Reviewed for breaking changes
  • [ ] Developer changelog updated if needed
  • [ ] Documentation added if needed
  • [ ] Existing documentation updated if needed
@sgiehl commented on November 19th 2020 Member

I've added another commit that adds a short open tag (should be removed before merge). The check fails now because of it. The error is also directly highlighted in the changed files tab.

@tsteur commented on November 19th 2020 Member

sure could start with just this and see over time if/when we run into issues that could have been detected through this and then add it when needed (or when we notice something as part of a review we could think whether we can automatically detect certain thing in the future). Generally not so much coding style as it's not as important but probably more like not using unserialize method directly checks etc.

@sgiehl commented on November 20th 2020 Member

Disallowing some methods like eval or create_function seems also be good. Will add a simply rule for that and for forcing to use Common::safe_unserialize instead of unserialize. Any other method we should disallow?

@tsteur commented on November 22nd 2020 Member

Any other method we should disallow?

Not needed for now. Be good to keep it simple.

Powered by GitHub Issue Mirror