Security ruleset not found

[kenorb]

Problem/Motivation

The plugin doesn't see new Security Sniff standards of pheromone/phpcs-security-audit package.

Expected behaviour

It should find the coding standards as advertised.

Actual behaviour

(What actually happened)

Steps to reproduce

I've got the following package in my composer.json:

"pheromone/phpcs-security-audit":  "1.*@stable",

composer.json file:

{
    "require": {
        "dealerdirect/phpcodesniffer-composer-installer": "^0.4.4",
        "drupal/coder":                    "^8@stable",
        "pheromone/phpcs-security-audit":  "1.*@stable"
    }
}

1. composer install.

2. ./vendor/bin/phpcs -i

   The installed coding standards are MySource, PEAR, PHPCS, PSR1, PSR2, Squiz, Zend, Drupal and DrupalPractice

So it detected Drupal coding standards, but not Security.

[frenck]

@kenorb Thank you for submitting an issue to us.

I've looked at the standards package you are referring to and concluded it is not an issue with this plugin. This plugin requires the proper setup of a package, which the referred packages does not comply with.

Please see the requirements for packages to work with this addon documented here:
https://github.com/Dealerdirect/phpcodesniffer-composer-installer#developing-coding-standards

I would recommend opening a PR on the remote package (or submit an issue, in case you aren't comfortable opening a PR).

[jrfnl]

FYI: for anyone who comes across this issue - in the mean time, this has been fixed in the Security standard package. The fix was included in version 2.0.1 of the package (August 2019).