Merge pull request #12 from YouweGit/feature/split-grumphp-config-tem…

…plates

Split out grumphp configuration into magento2 and pimcore options

CHANGELOG.md

@@ -4,6 +4,22 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## 2.15.0
+### Added
+- Project type resolver can now look for pimcore projects.
+  - Pimcore projects have their own [git blacklist](docs/components/git-blacklist.md) configuration.
+  - In the future, the pimcore coding standard will have its own package for `phpcs.xml` and `phpmd.xml` rulesets.
+- `grumphp.yml` file for `pimcore` projects.
+  - This file falls back on the default configuration and inherits all properties, except for the blacklist triggers. 
+- [Git blacklist](docs/components/git-blacklist.md) documentation.
+
+### Changed
+- The magento2 `grumphp.yml` file is split off from the default configuration.
+  - The `grumphp.yml` that's part of a project will automatically point to the new magento2-specific config file.
+  - The new file falls back on the default configuration, and overrides the git blacklist keywords and triggers.
+  - The magento specific constructs are also removed from the default `grumphp.yml` template.
+- The default `phpcs.xml` file now references a relative ruleset instead of an absolute path.
+
 ## 2.14.0
 ### Added
 - New pathing for `phpcs.xml` file.

README.md

@@ -20,9 +20,11 @@ predefined default configurations per project type.
 - Laravel (`laravel`)
 - [Magento 1](docs/project-types/magento1.md) (`magento1`)
 - [Magento 2](docs/project-types/magento2.md) (`magento2`)
+- Pimcore (`pimcore`)
 
 ## Included analysis tools
 
+- [Git blacklist](docs/components/git-blacklist.md)
 - [Composer file validation](docs/components/composer.md)
 - [JSON Lint](docs/components/jsonlint.md)
 - [YamlLint](docs/components/yamllint.md)

config/default/grumphp.yml

@@ -45,11 +45,19 @@ parameters:
 
   git_blacklist.keywords:
     - "die("
+    - "dd("
     - "var_dump("
+    - "console.log("
+    - "alert("
+    - "print_r("
+    - "phpinfo("
     - "exit;"
-    - "Magento\\\\Framework\\\\App\\\\ObjectManager"
+    - "<<<<<"
+    - ">>>>>"
+    - "====="
+    - "<?php echo"
+  git_blacklist.triggered_by: [ 'php', 'js' ]
   git_blacklist.whitelist_patterns: []
-  git_blacklist.triggered_by: [ 'php' ]
   git_blacklist.regexp_type: G
   git_blacklist.match_word: false
 

config/magento2/grumphp.yml

@@ -0,0 +1,20 @@
+imports:
+  - resource: '../default/grumphp.yml'
+
+# Extend git blacklist and triggers with Magento constructs
+parameters:
+  git_blacklist.keywords:
+    - "die("
+    - "dd("
+    - "var_dump("
+    - "console.log("
+    - "alert("
+    - "print_r("
+    - "phpinfo("
+    - "exit;"
+    - "<<<<<"
+    - ">>>>>"
+    - "====="
+    - "<?php echo"
+    - "Magento\\\\Framework\\\\App\\\\ObjectManager"
+  git_blacklist.triggered_by: [ 'php', 'js', 'phtml' ]

config/pimcore/grumphp.yml

@@ -0,0 +1,6 @@
+imports:
+  - resource: '../default/grumphp.yml'
+
+# Extend git triggers with common pimcore constructs
+parameters:
+  git_blacklist.triggered_by: [ 'php', 'js', 'twig' ]

docs/components/git-blacklist.md

@@ -0,0 +1,77 @@
+# Git commit keyword validation
+
+## Purpose
+Every commit, blacklisted phrases are scanned within scanned files containing a specified file extension.\
+The purpose of these checks is to prevent committing production-breaking or sensative system information.
+
+## Keywords used
+**_Note:_** some example configuration is below. Specific packages might override the default configuration.
+
+To prevent accidental commits of specific syntax that may cause issues, the testing suite sniffs\
+several keywords in your commits.
+
+### Preventing production logs, debug statements and leaking sensitive system information
+```yaml
+- "die("
+- "dd("
+- "var_dump("
+- "console.log("
+- "alert("
+- "print_r("
+- "phpinfo("
+```
+
+### Preventing accidental committing of merge conflicts
+```yaml
+- "<<<<<"
+- ">>>>>"
+- "====="
+```
+
+### Preventing statements that have better alternatives
+```yaml
+- "<?php echo"
+```
+
+* The magento2 coding standards extend this with invocation of the ObjectManager.
+
+## Files scanned
+The following files are scanned for blacklisted keywords in a default configuration.
+
+**_Note:_** different project types might override the files scanned.
+```yaml
+- .php
+- .js
+```
+* Magento2 project types extend this with .phtml files.
+* Pimcore project types extend this with .twig files.
+
+## Override the configuration
+To override the default git blacklist with your own, override the configuration in the `grumphp.yml` file\
+in your local project. An example configuration can be found below.
+
+Full details of available configuration options can be found [here](https://github.com/phpro/grumphp/blob/master/doc/tasks/git_blacklist.md).
+
+Note: configuration keys are **overwritten, not merged**.
+
+```yaml
+imports:
+    - resource: 'vendor/youwe/testing-suite/config/default/grumphp.yml'
+
+parameters:
+    git_blacklist.keywords:
+        - "die("
+        - "dd("
+        - "var_dump("
+        - "console.log("
+        - "alert("
+        - "print_r("
+        - "phpinfo("
+        - "exit;"
+        - "<<<<<"
+        - ">>>>>"
+        - "====="
+        - "<?php echo"
+        - "My additional keyword"
+    git_blacklist.triggered_by: [ 'php', 'js', 'additional_file_extension_here' ]
+```

src/Installer/FilesInstaller.php

@@ -80,7 +80,7 @@ private function resolveYouwePathing(FileMappingInterface $unixFileMapping): voi
     {
         $name = $unixFileMapping->getRelativeDestination();
 
-        if ($this->mappingResolver->getTypeResolver()->resolve() === 'magento2' && !in_array($name, ['grumphp.yml'])) {
+        if ($this->mappingResolver->getTypeResolver()->resolve() === 'magento2') {
             if ($name === "phpcs.xml") {
                 $this->updatePath(
                     $unixFileMapping->getDestination(),
@@ -101,6 +101,15 @@ private function resolveYouwePathing(FileMappingInterface $unixFileMapping): voi
                     ],
                     './vendor/youwe/coding-standard-magento2/src/YouweMagento2/phpmd.xml'
                 );
+            } elseif ($name === "grumphp.yml") {
+                $this->updatePath(
+                    $unixFileMapping->getDestination(),
+                    [
+                        'vendor/mediact/testing-suite/config/default/grumphp.yml',
+                        'vendor/youwe/testing-suite/config/default/grumphp.yml'
+                    ],
+                    'vendor/youwe/testing-suite/config/magento2/grumphp.yml'
+                );
             }
         } elseif ($this->mappingResolver->getTypeResolver()->resolve() === 'magento') {
             if ($name === "phpcs.xml") {

src/ProjectTypeResolver.php

@@ -40,6 +40,7 @@ class ProjectTypeResolver
         'magento-project' => 'magento2',
         'alumio-project'  => 'alumio',
         'laravel-project' => 'laravel',
+        'pimcore-project' => 'pimcore'
     ];
 
     public const DEFAULT_PROJECT_TYPE = 'default';

templates/files/default/phpcs.xml

@@ -6,7 +6,7 @@
          xsi:noNamespaceSchemaLocation="http://pmd.sf.net/ruleset_xml_schema.xsd">
     <description>PHPCS</description>
     <!--<exclude-pattern>path/to/exclude/*</exclude-pattern>-->
-    <rule ref="./vendor/youwe/coding-standard/src/Youwe"/>
+    <rule ref="Youwe"/>
     <!-- Append arg -s to phpcs to display the name of failed sniffs -->
     <arg value="s"/>
 </ruleset>

templates/files/pimcore/grumphp.yml

@@ -0,0 +1,2 @@
+imports:
+  - resource: 'vendor/youwe/testing-suite/config/pimcore/grumphp.yml'