Skip to end of metadata
Go to start of metadata

By SonarSource and Akram Ben Aissi – GNU LGPL v3 – Issue TrackerSources – Supported by SonarSource
More versions
SonarPHP 2.15 – Oct 26, 2018 – SonarQube 6.7+ (Compatible with LTS)
4 new rules based on CFG (Control Flow Graph)
DownloadRelease notes

Description

Enables the powerful SonarPHP analyzer.

 

First Analysis of a PHP Project

  1. Install SonarQube Server (see Setup and Upgrade for more details)
  2. Install SonarQube Scanner and be sure your can call sonar-scanner from the directory where you have your source code
  3. Install SonarPHP (see Installing a Plugin for more details)
  4. Run your analysis with the SonarQube Scanner by executing the following command from the root directory of the project:

    sonar-scanner -Dsonar.projectKey=xxx -Dsonar.sources=.
  5. Follow the link provided at the end of the analysis to browse your project's quality in SonarQube UI

Further Analyses

Assuming steps 1-3 above have already been completed, you'll want to encapsulate your analysis parameters in a sonar-project.properties file at the root of your project (see a sample project on GitHub: https://github.com/SonarSource/sonar-scanning-examples/tree/master/sonarqube-scanner). Then subsequent analyses can simply be run with:

sonar-scanner

 

Advanced Usage

With SonarPHP, you can:

Notes

PHPDepend, PHPCodeSniffer, PHPMD, PHPUnit

SINCE 2.0

Dependency on external tools has been removed: i.e PHPDepend, PHPCodeSniffer, PHPMD, PHPUnit.

It means that the plugin relies only on the SonarQube rule engine; there is no import of external rule engine results. (PHPUnit reports can still be imported.)

Many PHPMD rules are now offered natively by the plugin. If you think that the plugin is missing some "must have" rules, you are very welcome to send your suggestions to the Community Forums

 

Different Quality Profiles are provided to allow you to check your code compliance with PHP coding standards:

  • PSR-2: see on SonarQube.com the rules available on this quality profile to be PSR-2 compliant, SINCE 2.1
  • Drupal: see on SonarQube.com the rules available on this quality profile to be compliant with Drupal coding standard. SINCE 2.5

 

  • No labels