How to configure GitLab's phpcs-security-audit analyzer?
I am trying to use phpcs-security-audit by including GitLab's SAST template. It generates a report as expected, but the report is filled with warnings from libraries and specific warnings that I would like to ignore for the report to be useful.
If I ran phpcs and phpcs-security-audit myself, I could store settings in a config file. Storing settings in .phpcs.xml works locally, but has no effect on GitLab's phpcs-security-audit analyzer. I can't find any documentation for it. Is it possible to configure the analyzer, and if so how?
Yes you can. It's simple, create directory .gitlab, inside that create file called sast-ruleset.toml. In the sast-ruleset.toml, add this following code:
[phpcs-security-audit]
[[phpcs-security-audit.ruleset]]
disable = true
[phpcs-security-audit.ruleset.identifier]
type = "phpcs_security_audit_source"
value = "PHPCS_SecurityAudit.BadFunctions.FilesystemFunctions.WarnFilesystem"
value is warning that you want to ignore, you can get the value in the Security Tab, go to the warning and select the Identifiers.
See the Gitlab documentation for more details.
- Laravel: Auth::user()->id trying to get a property of a non-object
- How to create custom helper functions in Laravel
- How to execute some code BEFORE logout in WordPress
- multiple image upload issue while editing images in codeigniter php
- Symfony 7.0 AssetMapper: JS Files Only Load on Initial Page Load or After F5 Refresh
- Twilio TaskRouter: Need Help in Conference Call
- Wordpress - No value for custom post type column
- How to add/update custom cart item data in the cart page
- Laravel Filament library magic
- curl error 28 for composer update/install laravel
- Xpath reverse searching
- PHP Scrape nested pages
- How to scrape iframe content using cURL
- Sonata Admin Image Field
- Dollar symbol in eval function php
- unable to delete a property (or appProperty) using php client in google drive object
- Alternative for the wc_add_to_cart_message hook in Woocommerce for WP
- WP Query: How to get posts from a specific author OR those with a specific meta value
- How to get "items" column in orders panel in WooCommerce
- PHP foreach from sequence numbers
- How to set default configuration for Sonata sonata_type_date_picker
- Assetic to include all files within sub directories
- Importing tables from external database in Symfony2 with doctrine
- How to add custom property to Symfony Doctrine YAML mapping file
- Shopware 6 plugin: How to Resolve 'Undefined Array Key' Warning?
- Can not connect to wordpress in localhost (GET http://localhost/ net::ERR_CONNECTION_REFUSED)
- How can I retrieve the current error handler?
- Split a string by commas which are not inside potentially nested parentheses
- Split a string on commas which are followed by a space, word, then a colon
- Replace commas with newlines