Some time ago I published a post on how to install PHP Coding Sniffer (phpcs) and rules for WordPress, in a “manual” way.
Recently, last August, we have had an update of the WordPress standards for phpcs, so we are going to install it on our development server (Ubuntu 20.04.6 LTS in this case) and already in a “more official” and “less handmade” way.
Composer
The first thing we need is to have Composer installed globally, unless we are going to use it only in the current project.
To do this we execute the following commands as indicated on their page (check their page for instructions, as the hashes will change with the versions):
php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');"
php -r "if (hash_file('sha384', 'composer-setup.php') === 'e21205b207c3ff031906575712edab6f13eb0b361f2085f1f1237b7126d785e826a450292b6cfd1d64d92e6563bbde02') { echo 'Installer verified'; } else { echo 'Installer corrupt'; unlink('composer-setup.php'); } echo PHP_EOL;"
php composer-setup.php
php -r "unlink('composer-setup.php');"
which performs the following tasks:
- Download the installer to the directory where you are.
- Verify the SHA-384 of the installer.
- Run the installer.
- Remove the installer.
If we also want to have Composer available from any path, without having to call php composer.phar
we execute:
sudo mv composer.phar /usr/local/bin/composer
Now we can check the version of Composer installed by running:
composer --version
2.6.5 at the time of publishing this entry.
Run Composer as root
If we are running the commands as root
(for example in GridPane prior to Ubuntu 22 with Vultr), it will warn us that we are going to run Composer as root
and ask us each time.
We can avoid this by executing the following command:
export COMPOSER_ALLOW_SUPERUSER=1;
It will be valid only during the current session.
We could save it in our script bash
, zsh
or the appropriate shell
, but I don’t think it is necessary, since the Composer commands to be executed are not something we do all the time.
Install phpcs
To install phpcs we execute in the console:
composer global require "squizlabs/php_codesniffer=*"
If everything went correctly, we will now have phpcs
installed at ~/.config/composer/vendor/bin
where the executables phpcs
(the Code Sniffer) and phpcbf
(Code Beautifier) are located.
In order not to have to add the complete path every time we have to run it, we can add it to our PATH.
For that we edit .bashrc
(or the one of the shell that corresponds as .zshrc
) and at the end of it we add:
export PATH="$PATH:$HOME/.config/composer/vendor/bin"
And we reload the configuration with source ~/.bashrc
Now we can move to a different directory and check that it works by looking at the versions of phpcs
and phpcbf
:
phpcs --version
phpcbf --version
And now we will check the standards installed with phpcs -i
that in the default installation will be as shown here:
Installing WordPress standards
To install the WordPress standards we run:
composer global config allow-plugins.dealerdirect/phpcodesniffer-composer-installer true
composer global require --dev wp-coding-standards/wpcs:"^3.0"
And we recheck the installed standards with phpcs -i
:
And when we need to update the version of the standards, we will execute:
composer global update wp-coding-standards/wpcs --with-dependencies
Installing more standards
As we saw in the previous article, we have more standards that can be useful such as WooCommerce, PHP Compatibility or PHP Compatibility WP.
// WooCommerce Standards
composer global require --dev "woocommerce/woocommerce-sniffs"
And as we can see, with the installation of WooCommerce standards, PHP Compatibility and PHP Compatibility WP are installed among others:
And we will already have phpcs
with the necessary standards installed in our development server.
Remember, as we saw in the previous article, we can customize our ruleset with the project configuration file (in my case I use .phpcs.xml
) and that the extension used in Visual Studio Code is vscode-phpcs (from Shevaua), since the previous one(phpcs from Ioannis Kappas) is obsolete and unsupported.