PHPackages drupal-spider/drupalsecurity - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. drupal-spider/drupalsecurity ActivePhpcodesniffer-standard[Security](/categories/security) drupal-spider/drupalsecurity ============================ Drupal Security is a library to review security issue of Drupal code. 1.2.4(3mo ago)2203[1 PRs](https://github.com/mingsong-hu/DrupalSecurity/pulls)GPL-2.0+PHPPHP >=5.4.0 Since Apr 6Pushed 3mo ago1 watchersCompare [ Source](https://github.com/mingsong-hu/DrupalSecurity)[ Packagist](https://packagist.org/packages/drupal-spider/drupalsecurity)[ Docs](https://github.com/drupal-spider/DrupalSecurity)[ GitHub Sponsors](https://github.com/drupal-spider)[ RSS](/packages/drupal-spider-drupalsecurity/feed)WikiDiscussions 1.x-master Synced 1mo ago READMEChangelog (9)Dependencies (5)Versions (7)Used By (0) DrupalSecurity ============== [](#drupalsecurity) DrupalSecurity is a library for automated Drupal code security reviews. It defines rules for [PHP\_CodeSniffer](https://github.com/squizlabs/PHP_CodeSniffer) Note that Javascript has not been supported yet. To check and fix Javascript files please use [ESLint](http://eslint.org/) and see the [Drupal ESLint](https://www.drupal.org/node/1955232) documentation. Global installation ------------------- [](#global-installation) ``` composer global require "squizlabs/php_codesniffer=*" composer global require mingsong-hu/drupalsecurity ``` Make sure you have the composer bin dir in your PATH. The default value is ~/.composer/vendor/bin/, but you can check the value that you need to use by running ``` composer global config bin-dir --absolute ``` Usage ----- [](#usage) Check Drupal Security standards ``` phpcs --standard=DrupalSecurity --ignore='*/tests/*' --extensions=php,module,inc,install,theme,yml,twig [/file/to/drupal/module] ``` List all sniffers ``` phpcs --standard=DrupalSecurity -e ``` ### Health Score 37 — LowBetter than 83% of packages Maintenance81 Actively maintained with recent releases Popularity11 Limited adoption so far Community9 Small or concentrated contributor base Maturity40 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~132 days Recently: every ~94 days Total 6 Last Release 111d ago ### Community Maintainers ![](https://avatars.githubusercontent.com/u/128182024?v=4)[sulaiman](/maintainers/AMDS)[@amds](https://github.com/amds) --- Top Contributors [![mingsong-hu](https://avatars.githubusercontent.com/u/3345373?v=4)](https://github.com/mingsong-hu "mingsong-hu (24 commits)") --- Tags drupalphp-codesnifferphpcssecuritysecurity-auditsecurity-scansecurity-scannersecurity-testingstandardsphpcscode reviewsecuritydrupal ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/drupal-spider-drupalsecurity/health.svg) ``` [![Health](https://phpackages.com/badges/drupal-spider-drupalsecurity/health.svg)](https://phpackages.com/packages/drupal-spider-drupalsecurity) ``` ### Alternatives [wp-coding-standards/wpcs PHP\_CodeSniffer rules (sniffs) to enforce WordPress coding conventions 2.8k42.5M1.6k](/packages/wp-coding-standards-wpcs)[drupal/coder Coder is a library to review Drupal code. 3043.6M461](/packages/drupal-coder)[nelmio/security-bundle Extra security-related features for Symfony: signed/encrypted cookies, HTTPS/SSL/HSTS handling, cookie session storage, ... 68112.8M27](/packages/nelmio-security-bundle)[enlightn/security-checker A PHP dependency vulnerabilities scanner based on the Security Advisories Database. 33732.2M110](/packages/enlightn-security-checker)[automattic/vipwpcs PHP\_CodeSniffer rules (sniffs) to enforce WordPress VIP minimum coding conventions 25510.2M145](/packages/automattic-vipwpcs)[phpcsstandards/phpcsextra A collection of sniffs and standards for use with PHP\_CodeSniffer. 10324.3M44](/packages/phpcsstandards-phpcsextra) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)