Add improvements for 2.15.0 version

* Add git blacklist documentation
* Update readme to add reference to git blacklist documentation
* Update readme to list new pimcore project type availability
* Update changelog based on PR feedback
* Add additional merge conflict check to git blacklist
* Update phpinfo check in git blacklist to be more robust

CHANGELOG.md

@@ -6,18 +6,19 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## 2.15.0
 ### Added
-- Support for project type `pimcore` in project type resolvers.
-- Separate configuration file for project type `magento2`.
-  The magento2 configuration file updates the trigger_by and blacklist config for magento2-specific system constructs.
-- Separate configuration file for project type `pimcore`.
-  The pimcore configuration overrides default trigger_by configuration to check the git blacklist on twig templates.
- 
+- Project type resolver can now look for pimcore projects.
+  - Pimcore projects have their own [git blacklist](docs/components/git-blacklist.md) configuration.
+  - In the future, the pimcore coding standard will have its own package for `phpcs.xml` and `phpmd.xml` rulesets.
+- `grumphp.yml` file for `pimcore` projects.
+  - This file falls back on the default configuration and inherits all properties, except for the blacklist triggers. 
+- [Git blacklist](docs/components/git-blacklist.md) documentation.
 
 ### Changed
-- Project type resolver can now look for pimcore projects.
-- The local grumphp.yml file will automatically point to the new magento2-specific config file after a composer install.
-- The default grumphp.yml template no longer contains references to magento specific system constructs.
-- The default phpcs.xml file now references a relative ruleset instead of an absolute path.
+- The magento2 `grumphp.yml` file is split off from the default configuration.
+  - The `grumphp.yml` that's part of a project will automatically point to the new magento2-specific config file.
+  - The new file falls back on the default configuration, and overrides the git blacklist keywords and triggers.
+  - The magento specific constructs are also removed from the default `grumphp.yml` template.
+- The default `phpcs.xml` file now references a relative ruleset instead of an absolute path.
 
 ## 2.14.0
 ### Added

README.md

@@ -20,9 +20,11 @@ predefined default configurations per project type.
 - Laravel (`laravel`)
 - [Magento 1](docs/project-types/magento1.md) (`magento1`)
 - [Magento 2](docs/project-types/magento2.md) (`magento2`)
+- Pimcore (`pimcore`)
 
 ## Included analysis tools
 
+- [Git blacklist](docs/components/git-blacklist.md)
 - [Composer file validation](docs/components/composer.md)
 - [JSON Lint](docs/components/jsonlint.md)
 - [YamlLint](docs/components/yamllint.md)

config/default/grumphp.yml

@@ -50,9 +50,10 @@ parameters:
     - "console.log("
     - "alert("
     - "print_r("
-    - "phpinfo();"
+    - "phpinfo("
     - "exit;"
     - "<<<<<"
+    - ">>>>>"
     - "====="
     - "<?php echo"
   git_blacklist.triggered_by: [ 'php', 'js' ]

config/magento2/grumphp.yml

@@ -10,9 +10,10 @@ parameters:
     - "console.log("
     - "alert("
     - "print_r("
-    - "phpinfo();"
+    - "phpinfo("
     - "exit;"
     - "<<<<<"
+    - ">>>>>"
     - "====="
     - "<?php echo"
     - "Magento\\\\Framework\\\\App\\\\ObjectManager"

docs/components/git-blacklist.md

@@ -0,0 +1,77 @@
+# Git commit keyword validation
+
+## Purpose
+Every commit, blacklisted phrases are scanned within scanned files containing a specified file extension.\
+The purpose of these checks is to prevent committing production-breaking or sensative system information.
+
+## Keywords used
+**_Note:_** some example configuration is below. Specific packages might override the default configuration.
+
+To prevent accidental commits of specific syntax that may cause issues, the testing suite sniffs\
+several keywords in your commits.
+
+### Preventing production logs, debug statements and leaking sensitive system information
+```yaml
+- "die("
+- "dd("
+- "var_dump("
+- "console.log("
+- "alert("
+- "print_r("
+- "phpinfo("
+```
+
+### Preventing accidental committing of merge conflicts
+```yaml
+- "<<<<<"
+- ">>>>>"
+- "====="
+```
+
+### Preventing statements that have better alternatives
+```yaml
+- "<?php echo"
+```
+
+* The magento2 coding standards extend this with invocation of the ObjectManager.
+
+## Files scanned
+The following files are scanned for blacklisted keywords in a default configuration.
+
+**_Note:_** different project types might override the files scanned.
+```yaml
+- .php
+- .js
+```
+* Magento2 project types extend this with .phtml files.
+* Pimcore project types extend this with .twig files.
+
+## Override the configuration
+To override the default git blacklist with your own, override the configuration in the `grumphp.yml` file\
+in your local project. An example configuration can be found below.
+
+Full details of available configuration options can be found [here](https://github.com/phpro/grumphp/blob/master/doc/tasks/git_blacklist.md).
+
+Note: configuration keys are **overwritten, not merged**.
+
+```yaml
+imports:
+    - resource: 'vendor/youwe/testing-suite/config/default/grumphp.yml'
+
+parameters:
+    git_blacklist.keywords:
+        - "die("
+        - "dd("
+        - "var_dump("
+        - "console.log("
+        - "alert("
+        - "print_r("
+        - "phpinfo("
+        - "exit;"
+        - "<<<<<"
+        - ">>>>>"
+        - "====="
+        - "<?php echo"
+        - "My additional keyword"
+    git_blacklist.triggered_by: [ 'php', 'js', 'additional_file_extension_here' ]
+```