Code Sniffer is a static test that uses static code analysis to detect violations of the Magento Coding Standard to prevent common coding errors.
Limited information is displayed in the Quality Report section of the product listing page on the Magento Marketplace, including the number of errors, warnings, and the coding standards version that was used.
What testing is for
Magento projects typically use source code from several vendors. By adopting the Magento Coding Standard, we solve two problems:
- Identify common coding errors and pitfalls at an early stage before code execution.
- Standardize and unify the way code is written, so that it can be read easily by developers from different organizations.
When testing is done
Code Sniffer is mandatory for extensions of any type. When you submit an extension, Magento uses Code Sniffer to analyze the entire code base regardless of the scope of changes. Only extensions that have passed Code Sniffer testing can be listed in the Magento Marketplace.
What is being checked
Code Sniffer validates that the implementation of the submitted extension adheres to the Magento Coding Standard.
Tools and environments used
You can complete Code Sniffer testing in a development environment by using Composer to install PHPCS and the Magento Coding Standard as a global dependency for a particular project.
1 phpcs --standard=Magento2 --extensions=php,phtml --error-severity=10 --ignore-annotations --report=json --report-file=report.json <path-to-extension>
If PHPCS finds any errors, the extension in
<path-to-extension> is rejected.
Reading the error report
All detected errors include a description of the problem with references to the locations in the code where the errors were detected.
The Magento Coding Standard evolves continuously and the rules change. You can find the most current version with an up-to-date list of implemented rules in the Magento Coding Standard GitHub repository.
According to the Magento Coding Standard, Code Sniffer classifies detected violations in the following type categories:
|Error||10||Critical code issues that indicate a bug or security vulnerability.|
|Warning||9||Possible security issues that can cause bugs.|
|Warning||8||Magento specific code issues and design violations.|
|Warning||7||General code issues.|
|Warning||6||Code style issues.|
|Warning||5||PHPDoc formatting and commenting issues.|
Only violations of type “Error” (severity >= 10) prevent a submitted extension from being published on the Magento Marketplace. Although other reported issues do not block delivery of the extension, we encourage developers to review and fix them.
As a best practice, we recommend that developers include PHPCS and the Magento Coding Standard in their development workflow and CI/CD infrastructure to verify that code complies with the coding standards before submitting to the Magento Marketplace.
The Magento Coding Standard is an open source project. You can report issues or submit pull requests with enhancements directly on GitHub.
We welcome feedback and discussion on the Magento Community Engineering Slack #marketplace channel.