v0.1.0

gruff-php 0.1.0

First public release. gruff-php is an opinionated PHP code-quality analyzer that scans your project, scores findings across rule pillars, and prints reports for the terminal, CI, GitHub annotations, SARIF, static HTML, or a local dashboard.

It is heuristic tooling. Use it alongside PHPStan, PHPUnit, PHP-CS-Fixer, or Psalm - not as a replacement for type checking or tests.

What you get

• 120 rules across 11 pillars: size, complexity, maintainability, dead-code, naming, documentation, modernisation, security, sensitive-data, test-quality, and design. Run php bin/gruff-php list-rules to see the full catalogue.
• Commands: analyse, summary, report, dashboard, list-rules.
• Output formats for analyse: text, json, html, markdown, github, hotspot, sarif.
• YAML config at .gruff-php.yaml with strict unknown-key rejection.
• Baselines to suppress known findings without disabling rules.
• Branch review with --diff, --diff-vs=<base>, and --changed-only.
• Optional Infection mutation analysis, with baselines and budgets.
• Stable schemas: gruff.analysis.v1, gruff.summary.v1, gruff.baseline.v1.

Install

composer require --dev devgoat/gruff-php
vendor/bin/gruff-php --help

Requires PHP ^8.3. CI runs on PHP 8.3 and 8.4.

Quick start

php bin/gruff-php analyse                                  # scan the project
php bin/gruff-php analyse --format markdown > report.md    # PR comment
php bin/gruff-php analyse --format sarif > gruff.sarif     # code scanning
php bin/gruff-php report --format html --output gruff.html # static report
php bin/gruff-php dashboard                                # local dashboard

Default fail threshold is error. Use --fail-on warning, --fail-on advisory, or --fail-on none to change it. Exit codes: 0 clean, 1 finding hit the threshold, 2 run diagnostic (config/parse/diff/baseline/mutation error).