Add new LocalSecurityChecker

.phpqa.yml

@@ -8,7 +8,7 @@ phpqa:
     report: false
     execution: parallel
     output: file
-    tools: phpmetrics,phploc,phpcs,php-cs-fixer,phpmd,pdepend,phpcpd,phpstan,phpunit,psalm,security-checker,parallel-lint
+    tools: phpmetrics,phploc,phpcs,php-cs-fixer,phpmd,pdepend,phpcpd,phpstan,phpunit,psalm,security-checker,local-php-security-checker,parallel-lint
     # array definition and allowed errors count is supported too
     # tools: [phploc, phpcs:0]
     verbose: false
@@ -126,3 +126,4 @@ tool:
     phpunit: Edge\QA\Tools\Analyzer\Phpunit
     psalm: Edge\QA\Tools\Analyzer\Psalm
     security-checker: Edge\QA\Tools\Analyzer\SecurityChecker
+    local-php-security-checker: Edge\QA\Tools\Analyzer\LocalSecurityChecker

README.md

@@ -49,7 +49,8 @@ you want to use them.
 
 Tool | PHP | Supported since | Description |
 ---- | --- | --------------- | ----------- |
-[security-checker](https://github.com/sensiolabs/security-checker) | `>= 5.3` | `1.16` | Check composer.lock for known security issues |
+[security-checker](https://github.com/sensiolabs/security-checker) | `>= 5.3` | `1.16` | Check composer.lock for known security issues /!\ deprecated tools ! |
+[local-php-security-checker](https://github.com/fabpot/local-php-security-checker) | `>= 5.3` | `1.24` | Check composer.lock for known security issues. Please follow [installation instruction](https://github.com/fabpot/local-php-security-checker) |
 [php-cs-fixer](http://cs.sensiolabs.org/) | [`>= 5.3`](https://github.com/EdgedesignCZ/phpqa/pull/66#discussion_r115206573) | `1.12` | Automatically detect and fix PHP coding standards issues |
 [phpunit](https://github.com/phpunit/phpunit) | `>= 5.3` | `1.13` | The PHP Unit Testing framework |
 [phpstan](https://github.com/phpstan/phpstan) | `>= 7.0` | `1.9` | Discover bugs in your code without running it |

bin/suggested-tools.sh

@@ -18,7 +18,13 @@ then
         # symfony 3
         composer require jakub-onderka/php-parallel-lint jakub-onderka/php-console-highlighter phpstan/phpstan nette/neon friendsofphp/php-cs-fixer:~2.2 vimeo/psalm sensiolabs/security-checker
     fi
+
+    # Special case of local-php-security-checker who have no composer install
+    rm -f bin/local-php-security-checker
+    curl -s https://api.github.com/repos/fabpot/local-php-security-checker/releases/latest | grep -E "browser_download_url(.+)linux_386" | cut -d : -f 2,3 | tr -d \" | wget -i -
+    mv local-php-security-checker_* bin/local-php-security-checker
 else
     echo "Removing suggested tools"
     composer remove jakub-onderka/php-parallel-lint jakub-onderka/php-console-highlighter phpstan/phpstan friendsofphp/php-cs-fixer vimeo/psalm sensiolabs/security-checker
+    rm -f bin/local-php-security-checker
 fi

src/CodeAnalysisTasks.php

@@ -32,7 +32,7 @@ public function tools(
      * @option $buildDir path to output directory <comment>@default</comment> <info>build/</info>
      * @option $ignoredDirs csv <comment>@default</comment> <info>vendor</info> <comment>@example</comment> CI,bin,vendor
      * @option $ignoredFiles csv <comment>@example</comment> RoboFile.php
-     * @option $tools csv with optional definition of allowed errors count <comment>@default</comment> <info>phpmetrics,phploc,phpcs,php-cs-fixer,phpmd,pdepend,phpcpd,phpstan,phpunit,psalm,security-checker,parallel-lint</info> <comment>@example</comment> phploc,phpmd:1,phpcs:0
+     * @option $tools csv with optional definition of allowed errors count <comment>@default</comment> <info>phpmetrics,phploc,phpcs,php-cs-fixer,phpmd,pdepend,phpcpd,phpstan,phpunit,psalm,security-checker,local-php-security-checker,parallel-lint</info> <comment>@example</comment> phploc,phpmd:1,phpcs:0
      * @option $output output format <comment>@default</comment> <info>file</info> <comment>@example</comment> cli
      * @option $execution output format <comment>@default</comment> <info>parallel</info> <comment>@example</comment> no-parallel
      * @option $config path directory with .phpqa.yml, <comment>@default</comment> <info>current working directory</info>
@@ -100,6 +100,7 @@ private function loadConfig(array $cliOptions)
                 'phpunit',
                 'psalm',
                 'security-checker',
+                'local-php-security-checker',
                 'parallel-lint',
             ],
             'analyzedDirs' => './',

src/Tools/Analyzer/LocalSecurityChecker.php

@@ -0,0 +1,30 @@
+<?php
+
+namespace Edge\QA\Tools\Analyzer;
+
+use Edge\QA\OutputMode;
+
+class LocalSecurityChecker extends \Edge\QA\Tools\Tool
+{
+    public static $SETTINGS = array(
+        'optionSeparator' => '=',
+        'outputMode' => OutputMode::RAW_CONSOLE_OUTPUT
+    );
+
+    public function __invoke()
+    {
+        $composerLock = getcwd() . "/composer.lock";
+        foreach ($this->options->getAnalyzedDirs() as $escapedDir) {
+            $dir = rtrim(trim($escapedDir, '"'), '/');
+            $path = "{$dir}/composer.lock";
+            if (file_exists($path)) {
+                $composerLock = $path;
+                break;
+            }
+        }
+
+        return [
+            'path' => $composerLock,
+        ];
+    }
+}

src/Tools/GetVersions.php

@@ -24,11 +24,17 @@ public function __invoke(array $tools)
         $versions = [];
         $versions['phpqa'] = $this->analyzeTool('phpqa', ['edgedesign/phpqa'], $composer);
         foreach ($tools as $tool => $config) {
-            $packages = array_merge(
-                [$config['composer']],
-                array_key_exists('internalDependencies', $config) ? array_keys($config['internalDependencies']) : []
-            );
-            $versions[$tool] = $this->analyzeTool($tool, $packages, $composer, $config['customBinary']);
+            $toolVersion = ['version' => '', 'version_normalized' => '', 'authors' => '', 'composer' => ''];
+
+            if (isset($config['composer'])) {
+                $packages = array_merge(
+                    [$config['composer']],
+                    array_key_exists('internalDependencies', $config) ? array_keys($config['internalDependencies']) : []
+                );
+                $toolVersion = $this->analyzeTool($tool, $packages, $composer, $config['customBinary']);
+            }
+
+            $versions[$tool] = $toolVersion;
         }
         return $versions;
     }

tests/.appveyor/.phpqa.yml

@@ -1,5 +1,5 @@
 phpqa:
-    tools: phpmetrics,phploc,phpcs:0,php-cs-fixer,phpmd:0,pdepend,phpcpd:0,phpstan,phpunit:0,psalm,security-checker,parallel-lint
+    tools: phpmetrics,phploc,phpcs:0,php-cs-fixer,phpmd:0,pdepend,phpcpd:0,phpstan,phpunit:0,psalm,security-checker,local-php-security-checker,parallel-lint
 
 phpcs:
     standard: ../.travis/phpcs.xml

tests/.travis/.phpqa.yml

@@ -22,6 +22,7 @@ phpqa:
         - phpunit:0
         - psalm
         - security-checker:0
+        - local-php-security-checker:0
         - parallel-lint:0
 
 phpcs: