2.7.0

• Added --file-list command line argument to allow a list of files and directories to be specified in an external file
  • Useful is you have a generated list of files to check that would be too long for the command line
  • File and directory paths are listed one per line
  • Usage is: phpcs --file-list=/path/to/file-list ...
  • Thanks to Blotzu for the patch
• Values set using @codingStandardsChangeSetting comments can now contain spaces
• Sniff unit tests can now specify a list of test files instead of letting the runner pick them (request #1078)
  • Useful if a sniff needs to exclude files based on the environment, or is checking filenames
  • Override the new getTestFiles() method to specify your own list of test files
• Generic.Functions.OpeningFunctionBraceKernighanRitchie now ignores spacing for function return types
  • The sniff code Generic.Functions.OpeningFunctionBraceKernighanRitchie.SpaceAfterBracket has been removed
  • Replaced by Generic.Functions.OpeningFunctionBraceKernighanRitchie.SpaceBeforeBrace
  • The new error message is slightly clearer as it indicates that a single space is needed before the brace
• Squiz.Commenting.LongConditionClosingComment now allows for the length of a code block to be configured
  • Set the lineLimit property (default is 20) in your ruleset.xml file to set the code block length
  • When the code block length is reached, the sniff will enforce a closing comment after the closing brace
  • Thanks to Juliette Reinders Folmer for the patch
• Squiz.Commenting.LongConditionClosingComment now allows for the end comment format to be configured
  • Set the commentFormat property (default is "//end %s") in your ruleset.xml file to set the format
  • The placeholder %s will be replaced with the type of condition opener, e.g., "//end foreach"
  • Thanks to Juliette Reinders Folmer for the patch
• Generic.PHPForbiddenFunctions now allows forbidden functions to have mixed case
  • Previously, it would only do a strtolower comparison
  • Error message now shows what case was found in the code and what the correct case should be
  • Thanks to Juliette Reinders Folmer for the patch
• Added Generic.Classes.OpeningBraceSameLine to ensure opening brace of class/interface/trait is on the same line as the declaration
  • Thanks to Juliette Reinders Folmer for the patch
• Added Generic.PHP.BacktickOperator to ban the use of the backtick operator for running shell commands
  • Thanks to Juliette Reinders Folmer for the patch
• Added Generic.PHP.DisallowAlternativePHPTags to ban the use of alternate PHP tags
  • Thanks to Juliette Reinders Folmer for the patch
• Squiz.WhiteSpace.LanguageConstructSpacing no longer checks for spaces if parenthesis are being used (request #1062)
  • Makes this sniff more compatibile with those that check parenthesis spacing of function calls
• Squiz.WhiteSpace.ObjectOperatorSpacing now has a setting to ignore newline characters around object operators
  • Default remains FALSE, so newlines are not allowed
  • Override the "ignoreNewlines" setting in a ruleset.xml file to change
  • Thanks to Alex Howansky for the patch
• Squiz.Scope.MethodScope now sniffs traits as well as classes and interfaces
  • Thanks to Jesse Donat for the patch
• PHPCBF is now able to fix Squiz.SelfMemberReference.IncorrectCase errors
  • Thanks to Nikola Kovacs for the patch
• PHPCBF is now able to fix Squiz.Commenting.VariableComment.IncorrectVarType
  • Thanks to Walt Sorensen for the patch
• PHPCBF is now able to fix Generic.PHP.DisallowShortOpenTag
  • Thanks to Juliette Reinders Folmer for the patch
• Improved the formatting of the end brace when auto fixing InlineControlStructure errors (request #1121)
• Generic.Functions.OpeningFunctionBraceKernighanRitchie.BraceOnNewLine fix no longer leaves blank line after brace (request #1085)
• Generic UpperCaseConstantNameSniff now allows lowercase namespaces in constant definitions
  • Thanks to Daniel Schniepp for the patch
• Squiz DoubleQuoteUsageSniff is now more tolerant of syntax errors caused by mismatched string tokens
• A few sniffs that produce errors based on the current PHP version can now be told to run using a specific PHP version
  • Set the php_version config var using --config-set, --runtime-set, or in a ruleset to specify a specific PHP version
  • The format of the PHP version is the same as the PHP_VERSION_ID constant (e.g., 50403 for version 5.4.3)
  • Supported sniffs are Generic.PHP.DisallowAlternativePHPTags, PSR1.Classes.ClassDeclaration, Squiz.Commenting.FunctionComment
  • Thanks to Finlay Beaton for the patch
• Fixed bug #985 : Duplicate class definition detection generates false-positives in media queries
  • Thanks to Raphael Horber for the patch
• Fixed bug #1014 : Squiz VariableCommentSniff doesn't always detect a missing comment
• Fixed bug #1066 : Undefined index: quiet in CLI.php during unit test run with -v command line arg
• Fixed bug #1072 : Squiz.SelfMemberReference.NotUsed not detected if leading namespace separator is used
• Fixed bug #1089 : Rulesets cannot be loaded if the path contains urlencoded characters
• Fixed bug #1091 : PEAR and Squiz FunctionComment sniffs throw errors for some invalid @param line formats
• Fixed bug #1092 : PEAR.Functions.ValidDefaultValue should not flag type hinted methods with a NULL default argument
• Fixed bug #1095 : Generic LineEndings sniff replaces tabs with spaces with --tab-width is set
• Fixed bug #1096 : Squiz FunctionDeclarationArgumentSpacing gives incorrect error/fix when variadic operator is followed by a space
• Fixed bug #1099 : Group use declarations are incorrectly fixed by the PSR2 standard
  • Thanks to Jason McCreary for the patch
• Fixed bug #1101 : Incorrect indent errors when breaking out of PHP inside an IF statement
• Fixed bug #1102 : Squiz.Formatting.OperatorBracket.MissingBrackets faulty bracketing fix
• Fixed bug #1109 : Wrong scope indent reported in anonymous class
• Fixed bug #1112 : File docblock not recognized when require_once follows it
• Fixed bug #1120 : InlineControlStructureSniff does not handle auto-fixing for control structures that make function calls
• Fixed bug #1124 : Squiz.Operators.ComparisonOperatorUsage does not detect bracketed conditions for inline IF statements
  • Thanks to Raphael Horber for the patch

3.0.0a1

This is the first alpha release of the 3.0.0 version, and is a large refactoring of the code base. It breaks backwards compatibility for all custom sniffs and custom reports. An upgrade guide for sniff and report developers is available here: https://github.com/squizlabs/PHP_CodeSniffer/wiki/Version-3.0-Upgrade-Guide

Note: If you only use the built-in coding standards (such as PEAR or PSR2), or you have a custom ruleset.xml file that only makes use of the sniffs and reports distributed with PHP_CodeSniffer, you do not need to make any changes to use this alpha release.

PHP version change

This release changes the minimum PHP version from 5.1.2 to 5.4.0.

• Why not 5.6? Because the reality is that many developers have to work in corporate environments where the PHP version is maintained by the OS vendor. 5.6 and 7 are out of reach for a large number of developers working on big commercial applications, which is a place where PHPCS is of great benefit.
• Why not 5.3? Where 5.3 is available, 5.4 should be available through official OS repositories. The min PHP version for PHPCS will remain stable for some time, so an attempt has been made to pick a version that is hopefully available to the vast majority of developers while still providing new language features to PHPCS itself.

Installation

You can install PHP_CodeSniffer 3.0.0a1 via composer or PEAR, or download the PHAR files attached to these release notes. You can also clone the git repository directly and run PHPCS from there.

If you are using composer, you can use the 3.x-dev branch alias:

{
    "require-dev": {
        "squizlabs/php_codesniffer": "3.x-dev"
    }
}

If you are installing via PEAR, please first uninstall the existing PHP_CodeSniffer package before installing the new one:

pear uninstall PHP_CodeSniffer
pear install PHP_CodeSniffer-3.0.0a1

New features and core changes

• Added optional caching of results between runs (request #530)
  • Enable the cache by using the --cache command line argument
  • If you want the cache file written somewhere specific, use --cache=/path/to/cacheFile
  • Use the command "phpcs --config-set cache true" to turn caching on by default
  • Use the --no-cache command line argument to disable caching if it is being turned on automatically
• Add support for checking file in parallel (request #421)
  • Tell PHPCS how many files to check at once using the --parallel command line argument
  • To check 100 files at once, using --parallel=100
  • To disable parallel checking if it is being turned on automatically, use --parallel=1
  • Requires PHP to be compiled with the PCNTL package
• The default encoding has been changed from iso-8859-1 to utf-8 (request #760)
  • The --encoding command line argument still works, but you no longer have to set it to process files as utf-8
  • If encoding is being set to utf-8 in a ruleset or on the CLI, it can be safely removed
  • If the iconv PHP extension is not installed, standard non-multibyte aware functions will be used
• Added a new "code" report type to show a code snippet for each error (request #419)
  • The line containing the error is printed, along with 2 lines above and below it to show context
  • The location of the errors is underlined in the code snippet if you also use --colors
  • Use --report=code to generate this report
• Added support for custom filtering of the file list
  • Developers can write their own filter classes to perform custom filtering of the list before the run starts
  • Use the command line arg --filter=/path/to/filter.php to specify a filter to use
  • Extend \PHP_CodeSniffer\Filters\Filter to also support the core PHPCS extension and path filtering
  • Extend \PHP_CodeSniffer\Filters\ExactMatch to get the core filtering and the ability to use blacklists and whitelists
  • The included \PHP_CodeSniffer\Filters\GitModified filter is a good example of an ExactMatch filter
• Added support for only checking files that have been locally modified or added in a git repo
  • Use --filter=gitmodified to check these files
  • You still need to give PHPCS a list of files or directories in which to check
• Added automatic discovery of executable paths (request #571)
  • Thanks to Sergey Morozov for the patch
• You must now pass "-" on the command line to have PHPCS wait for STDIN
  • E.g., phpcs --standard=PSR2 -
  • You can still pipe content via STDIN as normal as PHPCS will see this and process it
  • But without the "-", PHPCS will throw an error if no content or files are passed to it
• All PHP errors generated by sniffs are caught, re-thrown as exceptions, and reported in the standard error reports
  • This should stop bugs inside sniffs causing infinite loops
  • Also stops invalid reports being produced as errors don't print to the screen directly
• Sniff codes are no longer optional
  • If a sniff throws and error or a warning, it must specify an internal code for that message
• The installed_paths config setting can now point directly to a standard
  • Previously, it had to always point to the directory in which the standard lives
• Multiple reports can now be specified using the --report command line argument
  • Report types are separated by commas
  • E.g., --report=full,summary,info
  • Previously, you had to use one argument for each report such as --report=full --report=summary --report=info
• You can now set the severity, message type, and exclude patterns for an entire sniff, category, or standard
  • Previously, this was only available for a single message
• You can now include a single sniff code in a ruleset instead of having to include an entire sniff
  • Including a sniff code will automatically exclude all other messages from that sniff
  • If the sniff is already included by an imported standard, set the sniff severity to 0 and include the specific message you want
• PHPCBF no longer uses patch
  • Files are now always overwritten
  • The --no-patch option has been removed
• Added a --basepath option to strip a directory from the front of file paths in output (request #470)
  • The basepath is absolute or relative to the current directory
  • E.g., to output paths relative to current dir in reports, use --basepath=.
• Ignore rules are now checked when using STDIN (request #733)
• Added an include-pattern tag to rulesets to include a sniff for specific files and folders only (request #656)
  • This is the exact opposite of the exclude-pattern tag
  • This option is only usable within sniffs, not globally like exclude-patterns are
• Added a new -m option to stop error messages from being recorded, which saves a lot of memory
  • PHPCBF always uses this setting to reduce memory as it never outputs error messages
  • Setting the $recordErrors member var inside custom report classes is no longer supported (use -m instead)
• Exit code 2 is now used to indicate fixable errors were found (request #930)
  • Exit code 3 is now used for general script execution errors
  • Exit code 1 is used to indicate that coding standard errors were found, but none are fixable
  • Exit code 0 is unchanged and continues to mean no coding standard errors found
• The included PHPCS standard has been removed
  • All rules are now found inside the phpcs.xml.dist file
  • Running "phpcs" without any arguments from a git clone will use this ruleset
• The included SVN pre-commit hook has been removed
  • Hooks for version control systems will no longer be maintained within the PHPCS project

2.6.2

• Added a new --exclude CLI argument to exclude a list of sniffs from checking and fixing (request #904)
  • Accepts the same sniff codes as the --sniffs command line argument, but provides the opposite functionality
• Added a new -q command line argument to disable progress and verbose information from being printed (request #969)
  • Useful if a coding standard hard-codes progess or verbose output but you want PHPCS to be quiet
  • Use the command "phpcs --config-set quiet true" to turn quiet mode on by default
• Generic LineLength sniff no longer errors for comments that cannot be broken out onto a new line (request #766)
  • A typical case is a comment that contains a very long URL
  • The comment is ignored if putting the URL on a indented new comment line would be longer than the allowed length
• Settings extensions in a ruleset no longer causes PHP notices during unit testing
  • Thanks to Klaus Purer for the patch
• Version control reports now show which errors are fixable if you are showing sources
• Added a new sniff to enforce a single space after a NOT operator (request #1051)
  • Include in a ruleset using the code Generic.Formatting.SpaceAfterNot
• The Squiz.Commenting.BlockComment sniff now supports tabs for indenting comment lines (request #1056)
• Fixed bug #790 : Incorrect missing @throws error in methods that use closures
• Fixed bug #908 : PSR2 standard is not checking that closing brace is on line following the body
• Fixed bug #945 : Incorrect indent behavior using deep-nested function and arrays
• Fixed bug #961 : Two anonymous functions passed as function/method arguments cause indentation false positive
• Fixed bug #1005 : Using global composer vendor autoload breaks PHP lowercase built-in function sniff
  • Thanks to Michael Butler for the patch
• Fixed bug #1007 : Squiz Unreachable code detection is not working properly with a closure inside a case
• Fixed bug #1023 : PSR2.Classes.ClassDeclaration fails if class extends base class and "implements" is on trailing line
• Fixed bug #1026 : Arrays in comma delimited class properties cause ScopeIndent to increase indent
• Fixed bug #1028 : Squiz ArrayDeclaration incorrectly fixes multi-line array where end bracket is not on a new line
• Fixed bug #1034 : Squiz FunctionDeclarationArgumentSpacing gives incorrect error when first arg is a variadic
• Fixed bug #1036 : Adjacent assignments aligned analysis statement wrong
• Fixed bug #1049 : Version control reports can show notices when the report width is very small
• Fixed bug #21050 : PEAR MultiLineCondition sniff suppresses errors on last condition line

2.6.1

• The PHP-supplied T_COALESCE token has been replicated for PHP versions before 7.0
• Function return types of self, parent and callable are now tokenized as T_RETURN_TYPE
  • Thanks to Jaroslav Hanslík for the patch
• The default_standard config setting now allows multiple standards to be listed, like on the command line
  • Thanks to Michael Mayer for the patch
• Installations done via composer now only include the composer autoloader for PHP 5.3.2+ (request #942)
• Added a rollbackChangeset() method to the Fixer class to purposely rollback the active changeset
• Fixed bug #940 : Auto-fixing issue encountered with inconsistent use of braces
• Fixed bug #943 : Squiz.PHP.InnerFunctions.NotAllowed reported in anonymous classes
• Fixed bug #944 : PHP warning when running the latest phar
• Fixed bug #951 : InlineIfDeclaration: invalid error produced with UTF-8 string
• Fixed bug #957 : Operator spacing sniff errors when plus is used as part of a number
  • Thanks to Klaus Purer for the patch
• Fixed bug #959 : Call-time pass-by-reference false positive if there is a square bracket before the ampersand
  • Thanks to Konstantin Leboev for the patch
• Fixed bug #962 : Null coalescing operator (??) not detected as a token
  • Thanks to Joel Posti for the patch
• Fixed bug #973 : Anonymous class declaration and PSR1.Files.SideEffects.FoundWithSymbols
• Fixed bug #974 : Error when file ends with "function"
• Fixed bug #979 : Anonymous function with return type hint is not refactored as expected
• Fixed bug #983 : Squiz.WhiteSpace.MemberVarSpacing.AfterComment fails to fix error when comment is not a docblock
• Fixed bug #1010 : Squiz NonExectuableCode sniff does not detect boolean OR
  • Thanks to Derek Henderson for the patch
• Fixed bug #1015 : The Squiz.Commenting.FunctionComment sniff doesn't allow description in @return tag
  • Thanks to Alexander Obuhovich for the patch
• Fixed bug #1022 : Duplicate spaces after opening bracket error with PSR2 standard
• Fixed bug #1025 : Syntax error in JS file can cause undefined index for parenthesis_closer

2.6.0

• Paths used when setting CLI arguments inside ruleset.xml files are now relative to the ruleset location (request #847)
  • This change only applies to paths within ARG tags, used to set CLI arguments
  • Previously, the paths were relative to the directory PHPCS was being run from
  • Absolute paths are still allowed and work the same way they always have
  • This change allows ruleset.xml files to be more portable
• Content passed via STDIN will now be processed even if files are specified on the command line or in a ruleset
• When passing content via STDIN, you can now specify the file path to use on the command line (request #934)
  • This allows sniffs that check file paths to work correctly
  • This is the same functionality provided by the phpcs_input_file line, except it is available on the command line
• Files processed with custom tokenizers will no longer be skipped if they appear minified (request #877)
  • If the custom tokenizer wants minified files skipped, it can set a $skipMinified member var to TRUE
  • See the included JS and CSS tokenizers for an example
• Config vars set in ruleset.xml files are now processed earlier, allowing them to be used during sniff registration
  • Among other things, this allows the installed_paths config var to be set in ruleset.xml files
  • Thanks to Pieter Frenssen for the patch
• Improved detection of regular expressions in the JS tokenizer
• Generic PHP Syntax sniff now uses PHP_BINARY (if available) to determine the path to PHP if no other path is available
  • You can still manually set php_path to use a specific binary for testing
  • Thanks to Andrew Berry for the patch
• The PHP-supplied T_POW_EQUAL token has been replicated for PHP versions before 5.6
• Added support for PHP7 use group declarations (request #878)
  • New tokens T_OPEN_USE_GROUP and T_CLOSE_USE_GROUP are assigned to the open and close curly braces
• Generic ScopeIndent sniff now reports errors for every line that needs the indent changed (request #903)
  • Previously, it ignored lines that were indented correctly in the context of their block
  • This change produces more technically accurate error messages, but is much more verbose
• The PSR2 and Squiz standards now allow multi-line default values in function declarations (request #542)
  • Previously, these would automatically make the function a multi-line declaration
• Squiz InlineCommentSniff now allows docblocks on require(_once) and include(_once) statements
  • Thanks to Gary Jones for the patch
• Squiz and PEAR Class and File sniffs no longer assume the first comment in a file is always a file comment
  • phpDocumentor assigns the comment to the file only if it is not followed by a structural element
  • These sniffs now follow this same rule
• Squiz ClassCommentSniff no longer checks for blank lines before class comments
  • Removes the error Squiz.Commenting.ClassComment.SpaceBefore
• Renamed Squiz.CSS.Opacity.SpacingAfterPoint to Squiz.CSS.Opacity.DecimalPrecision
  • Please update your ruleset if you are referencing this error code directly
• Fixed PHP tokenizer problem that caused an infinite loop when checking a comment with specific content
• Generic Disallow Space and Tab indent sniffs now detect and fix indents inside embedded HTML chunks (request #882)
• Squiz CSS IndentationSniff no longer assumes the class opening brace is at the end of a line
• Squiz FunctionCommentThrowTagSniff now ignores non-docblock comments
• Squiz ComparisonOperatorUsageSniff now allows conditions like while(true)
• PEAR FunctionCallSignatureSniff (and the Squiz and PSR2 sniffs that use it) now correctly check the first argument
  • Further fix for bug #698
• Fixed bug #791 : codingStandardsChangeSetting settings not working with namespaces
• Fixed bug #872 : Incorrect detection of blank lines between CSS class names
• Fixed bug #879 : Generic InlineControlStructureSniff can create parse error when case/if/elseif/else have mixed brace and braceless definitions
• Fixed bug #883 : PSR2 is not checking for blank lines at the start and end of control structures
• Fixed bug #884 : Incorrect indentation notice for anonymous classes
• Fixed bug #887 : Using curly braces for a shared CASE/DEFAULT statement can generate an error in PSR2 SwitchDeclaration
• Fixed bug #889 : Closure inside catch/else/elseif causes indentation error
• Fixed bug #890 : Function call inside returned short array value can cause indentation error inside CASE statements
• Fixed bug #897 : Generic.Functions.CallTimePassByReference.NotAllowed false positive when short array syntax
• Fixed bug #900 : Squiz.Functions.FunctionDeclarationArgumentSpacing bug when no space between type hint and argument
• Fixed bug #902 : T_OR_EQUAL and T_POW_EQUAL are not seen as assignment tokens
• Fixed bug #910 : Unrecognized "extends" and indentation on anonymous classes
• Fixed bug #915 : JS Tokenizer generates errors when processing some decimals
• Fixed bug #928 : Endless loop when sniffing a PHP file with a git merge conflict inside a function
• Fixed bug #937 : Shebang can cause PSR1 SideEffects warning
  • Thanks to Clay Loveless for the patch
• Fixed bug #938 : CallTimePassByReferenceSniff ignores functions with return value

2.5.1

• The PHP-supplied T_SPACESHIP token has been replicated for PHP versions before 7.0
• T_SPACESHIP is now correctly identified as an operator
  • Thanks to Alexander Obuhovich for the patch
• Generic LowerCaseKeyword now ensures array type hints are lowercase as well
  • Thanks to Mathieu Rochette for the patch
• Squiz ComparisonOperatorUsageSniff no longer hangs on JS FOR loops that don't use semicolons
• PHP_CodesSniffer now includes the composer autoload.php file, if there is one
  • Thanks to Klaus Purer for the patch
• Added error Squiz.Commenting.FunctionComment.ScalarTypeHintMissing for PHP7 only (request #858)
  • These errors were previously reported as Squiz.Commenting.FunctionComment.TypeHintMissing on PHP7
  • Disable this error message in a ruleset.xml file if your code needs to run on both PHP5 and PHP7
• The PHP 5.6 __debugInfo magic method no longer produces naming convention errors
  • Thanks to Michael Nowack for the patch
• PEAR and Squiz FunctionComment sniffs now support variadic functions (request #841)
• Fixed bug #622 : Wrong detection of Squiz.CSS.DuplicateStyleDefinition with media queries
• Fixed bug #752 : The missing exception error is reported in first found DocBlock
• Fixed bug #794 : PSR2 MultiLineFunctionDeclaration forbids comments after opening parenthesis of a multiline call
• Fixed bug #820 : PEAR/PSR2 FunctionCallSignature sniffs suggest wrong indent when there are multiple arguments on a line
• Fixed bug #822 : Ruleset hard-coded file paths are not used if not running from the same directory as the ruleset
• Fixed bug #825 : FunctionCallArgumentSpacing sniff complains about more than one space before comment in multi-line function call
• Fixed bug #828 : Null classname is tokenized as T_NULL instead of T_STRING
• Fixed bug #829 : Short array argument not fixed correctly when multiple function arguments are on the same line
• Fixed bug #831 : PHPCS freezes in an infinite loop under Windows if no standard is passed
• Fixed bug #832 : Tokenizer does not support context sensitive parsing
  • Thanks to Jaroslav Hanslík for the patch
• Fixed bug #835 : PEAR.Functions.FunctionCallSignature broken when closure uses return types
• Fixed bug #838 : CSS indentation fixer changes color codes
  • Thanks to Klaus Purer for the patch
• Fixed bug #839 : "__()" method is marked as not camel caps
  • Thanks to Tim Bezhashvyly for the patch
• Fixed bug #852 : Generic.Commenting.DocComment not finding errors when long description is omitted
• Fixed bug #854 : Return typehints in interfaces are not reported as T_RETURN_TYPE
  • Thanks to Jaroslav Hanslík for the patch
• Fixed bug #855 : Capital letter detection for multibyte strings doesn't work correctly
• Fixed bug #857 : PSR2.ControlStructure.SwitchDeclaration shouldn't check indent of curly brace closers
• Fixed bug #859 : Switch statement indention issue when returning function call with closure
• Fixed bug #861 : Single-line arrays and function calls can generate incorrect indentation errors
• Fixed bug #867 : Squiz.Strings.DoubleQuoteUsage broken for some escape codes
  • Thanks to Jack Blower for the help with the fix
• Fixed bug #21005 : Incorrect indent detection when multiple properties are initialized to arrays
• Fixed bug #21010 : Incorrect missing colon detection in CSS when first style is not on new line
• Fixed bug #21011 : Incorrect error message text when newline found after opening brace

2.5.0

• PHPCS will now look for a phpcs.xml file in parent directories as well as the current directory (request #626)
• PHPCS will now use a phpcs.xml file even if files are specified on the command line
  • This file is still only used if no standard is specified on the command line
• Added support for a phpcs.xml.dist file (request #583)
  • If both a phpcs.xml and phpcs.xml.dist file are present, the phpcs.xml file will be used
• Added support for setting PHP ini values in ruleset.xml files (request #560)
  • Setting the value of the new ini tags to name="memory_limit" value="32M" is the same as -d memory_limit=32M
• Added support for one or more bootstrap files to be run before processing begins
  • Use the --bootstrap=file,file,file command line argument to include bootstrap files
  • Useful if you want to override some of the high-level settings of PHPCS or PHPCBF
  • Thanks to John Maguire for the patch
• Added additional verbose output for CSS tokenizing
• Squiz ComparisonOperatorUsageSniff now checks FOR, WHILE and DO-WHILE statements
  • Thanks to Arnout Boks for the patch
• Fixed bug #660 : Syntax checks can fail on Windows with PHP5.6
• Fixed bug #784 : $this->trait is seen as a T_TRAIT token
• Fixed bug #786 : Switch indent issue with short array notation
• Fixed bug #787 : SpacingAfterDefaultBreak confused by multi-line statements
• Fixed bug #797 : Parsing CSS url() value breaks further parsing
• Fixed bug #805 : Squiz.Commenting.FunctionComment.InvalidTypeHint on Scalar types on PHP7
• Fixed bug #807 : Cannot fix line endings when open PHP tag is not on the first line
• Fixed bug #808 : JS tokeniser incorrectly setting some function and class names to control structure tokens
• Fixed bug #809 : PHPCBF can break a require_once statement with a space before the open parenthesis
• Fixed bug #813 : PEAR FunctionCallSignature checks wrong indent when first token on line is part of a multi-line string

2.4.0

• Added support for PHP 7 anonymous classes
  • Anonymous classes are now tokenized as T_ANON_CLASS and ignored by normal class sniffs
• Added support for PHP 7 function return type declarations
  • Return types are now tokenized as T_RETURN_TYPE
• Fixed tokenizing of the XOR operator, which was incorrectly identified as a power operator (bug #765)
  • The T_POWER token has been removed and replaced by the T_BITWISE_XOR token
  • The PHP-supplied T_POW token has been replicated for PHP versions before 5.6
• Traits are now tokenized in PHP versions before 5.4 to make testing easier
• Improved regular expression detection in JS files
• PEAR FunctionCallSignatureSniff now properly detects indents in more mixed HTML/PHP code blocks
• Full report now properly indents lines when newlines are found inside error messages
• Generating documentation without specifying a standard now uses the default standard instead
  • Thanks to Ken Guest for the patch
• Generic InlineControlStructureSniff now supports braceless do/while loops in JS
  • Thanks to Pieter Frenssen for the patch
• Added more guard code for function declarations with syntax errors
  • Thanks to Yun Young-jin for the patch
• Added more guard code for foreach declarations with syntax errors
  • Thanks to Johan de Ruijter for the patch
• Added more guard code for class declarations with syntax errors
• Squiz ArrayDeclarationSniff now has guard code for arrays with syntax errors
• Generic InlineControlStructureSniff now correctly fixes ELSEIF statements
• Fixed bug #601 : Expected type hint int[]; found array in Squiz FunctionCommentSniff
  • Thanks to Scato Eggen for the patch
• Fixed bug #625 : Consider working around T_HASHBANG in HHVM 3.5.x and 3.6.x
  • Thanks to Kunal Mehta for the patch
• Fixed bug #692 : Comment tokenizer can break when using mbstring function overloading
• Fixed bug #694 : Long sniff codes can cause PHP warnings in source report when showing error codes
• Fixed bug #698 : PSR2.Methods.FunctionCallSignature.Indent forces exact indent of ternary operator parameters
• Fixed bug #704 : ScopeIndent can fail when an opening parenthesis is on a line by itself
• Fixed bug #707 : Squiz MethodScopeSniff doesn't handle nested functions
• Fixed bug #709 : Squiz.Sniffs.Whitespace.ScopeClosingBraceSniff marking indented endif in mixed inline HTML blocks
• Fixed bug #711 : Sniffing from STDIN shows Generic.Files.LowercasedFilename.NotFound error
• Fixed bug #714 : Fixes suppression of errors using docblocks
  • Thanks to Andrzej Karmazyn for the patch
• Fixed bug #716 : JSON report is invalid when messages contain newlines or tabs
  • Thanks to Pieter Frenssen for the patch
• Fixed bug #723 : ScopeIndent can fail when multiple array closers are on the same line
• Fixed bug #730 : ScopeIndent can fail when a short array opening square bracket is on a line by itself
• Fixed bug #732 : PHP Notice if @Package name is made up of all invalid characters
  • Adds new error code PEAR.Commenting.FileComment.InvalidPackageValue
• Fixed bug #748 : Auto fix for Squiz.Commenting.BlockComment.WrongEnd is incorrect
  • Thanks to J.D. Grimes for the patch
• Fixed bug #753 : PSR2 standard shouldn't require space after USE block when next code is a closing tag
• Fixed bug #768 : PEAR FunctionCallSignature sniff forbids comments after opening parenthesis of a multiline call
• Fixed bug #769 : Incorrect detection of variable reference operator when used with short array syntax
  • Thanks to Klaus Purer for the patch
• Fixed bug #772 : Syntax error when using PHPCBF on alternative style foreach loops
• Fixed bug #773 : Syntax error when stripping trailing PHP close tag and previous statement has no semicolon
• Fixed bug #778 : PHPCBF creates invalid PHP for inline FOREACH containing multiple control structures
• Fixed bug #781 : Incorrect checking for PHP7 return types on multi-line function declartions
• Fixed bug #782 : Conditional function declarations cause fixing conflicts in Squiz standard
  • Squiz.ControlStructures.ControlSignature no longer enforces a single newline after open brace
  • Squiz.WhiteSpace.ControlStructureSpacing can be used to checl spacing at the start/end of control structures

2.3.4

• JSON report format now includes the fixable status for each error message and the total number of fixable errors
• Added more guard code for function declarations with syntax errors
• Added tokenizer support for the PHP declare construct
  • Thanks to Andy Blyler for the patch
• Generic UnnecessaryStringConcatSniff can now allow strings concatenated over multiple lines
  • Set the allowMultiline property to TRUE (default is FALSE) in your ruleset.xml file to enable this
  • By default, concat used only for getting around line length limits still generates an error
  • Thanks to Stefan Lenselink for the contribution
• Invalid byte sequences no longer throw iconv_strlen() errors (request #639)
  • Thanks to Willem Stuursma for the patch
• Generic TodoSniff and FixmeSniff are now better at processing strings with invalid characters
• PEAR FunctionCallSignatureSniff now ignores indentation of inline HTML content
• Squiz ControlSignatureSniff now supports control structures with only inline HTML content
• Fixed bug #636 : Some class names cause CSS tokenizer to hang
• Fixed bug #638 : VCS blame reports output error content from the blame commands for files not under VC
• Fixed bug #642 : Method params incorrectly detected when default value uses short array syntax
  • Thanks to Josh Davis for the patch
• Fixed bug #644 : PEAR ScopeClosingBrace sniff does not work with mixed HTML/PHP
• Fixed bug #645 : FunctionSignature and ScopeIndent sniffs don't detect indents correctly when PHP open tag is not on a line by itself
• Fixed bug #648 : Namespace not tokenized correctly when followed by multiple use statements
• Fixed bug #654 : Comments affect indent check for BSDAllman brace style
• Fixed bug #658 : Squiz.Functions.FunctionDeclarationSpacing error for multi-line declarations with required spaces greater than zero
  • Thanks to J.D. Grimes for the patch
• Fixed bug #663 : No space after class name generates: Class name "" is not in camel caps format
• Fixed bug #667 : Scope indent check can go into infinite loop due to some parse errors
• Fixed bug #670 : Endless loop in PSR1 SideEffects sniffer if no semicolon after last statement
  • Thanks to Thomas Jarosch for the patch
• Fixed bug #672 : Call-time pass-by-reference false positive
• Fixed bug #683 : Comments are incorrectly reported by PSR2.ControlStructures.SwitchDeclaration sniff
• Fixed bug #687 : ScopeIndent does not check indent correctly for method prefixes like public and abstract
• Fixed bug #689 : False error on some comments after class closing brace

2.3.3

• Improved the performance of the CSS tokenizer, especially on very large CSS files (thousands of lines)
  • Thanks to Klaus Purer for the patch
• Defined tokens for lower PHP versions are now phpcs-specific strings instead of ints
  • Stops conflict with other projects, like PHP_CodeCoverage
• Added more guard code for syntax errors to various sniffs
• Improved support for older HHVM versions
  • Thanks to Kunal Mehta for the patch
• Squiz ValidLogicalOperatorsSniff now ignores XOR as type casting is different when using the ^ operator (request #567)
• Squiz CommentedOutCodeSniff is now better at ignoring URLs inside comments
• Squiz ControlSignatureSniff is now better at checking embedded PHP code
• Squiz ScopeClosingBraceSniff is now better at checking embedded PHP code
• Fixed bug #584 : Squiz.Arrays.ArrayDeclaration sniff gives incorrect NoComma error for multiline string values
• Fixed bug #589 : PEAR.Functions.FunctionCallSignature sniff not checking all function calls
• Fixed bug #592 : USE statement tokenising can sometimes result in mismatched scopes
• Fixed bug #594 : Tokenizer issue on closure that returns by reference
• Fixed bug #595 : Colons in CSS selectors within media queries throw false positives
  • Thanks to Klaus Purer for the patch
• Fixed bug #598 : PHPCBF can break function/use closure brace placement
• Fixed bug #603 : Squiz ControlSignatureSniff hard-codes opener type while fixing
• Fixed bug #605 : Auto report-width specified in ruleset.xml ignored
• Fixed bug #611 : Invalid numeric literal on CSS files under PHP7
• Fixed bug #612 : Multi-file diff generating incorrectly if files do not end with EOL char
• Fixed bug #615 : Squiz OperatorBracketSniff incorrectly reports and fixes operations using self::
• Fixed bug #616 : Squiz DisallowComparisonAssignmentSniff inconsistent errors with inline IF statements
• Fixed bug #617 : Space after switch keyword in PSR-2 is not being enforced
• Fixed bug #621 : PSR2 SwitchDeclaration sniff doesn't detect, or correctly fix, case body on same line as statement