SARIF PHP Converters

Releases	Branch	PHP	Packagist	License	Documentation
Stable v1.0.x

Introduction

SARIF, the Static Analysis Results Interchange Format, defines a standard format for the output of static analysis tools. It is a powerful and sophisticated format suited to the needs of a wide variety of tools.

There are a lot of PHP project that do Static Code Analysis, but few of them support the SARIF format.

You can consider to be lucky when they provide at least the checkstyle or junit format.

This library may be considered as a producer on sarif report format, for these projects that did not support yet natively.

Features at a glance

• A Console Tool to allow conversion from checkstyle format to sarif, if your application does not support custom reporting class.
• Add sarif output format support to your application, if you accept to load on fly, any custom reporting class.

Comparison by project on output formats

Project	Version	SARIF	Checkstyle	JUnit	CodeClimate GitLab	GitHub	Output Format Support
Composer Dependency Analyser	1.6.x	❌	❌	✅	❌	❌	junit
Easy-Coding-Standard	12.3.x	❌	✅	✅	✅	❌	console,json,junit,checkstyle,gitlab
Phan	5.4.x	❌	✅	❌	✅	❌	text,csv,json,checkstyle,codeclimate,pylint,html
PHP CodeSniffer	3.10.x	❌	✅	✅	❌	❌	json,checkstyle,junit
PHP-CS-Fixer	3.59.x	❌	✅	✅	✅	❌	checkstyle,gitlab,json,junit
PHPInsights	2.11.x	❌	✅	❌	✅	✅	console,json,checkstyle,codeclimate,github-action
PHPLint	9.4.x	(✅)	✅	✅	❌	❌	console,json,junit,checkstyle,(sarif)
PHP Mess Detector	2.15.x	✅	✅	❌	✅	✅	xml,text,html,json,github,gitlab,sarif,checkstyle
PHPStan	1.11.x	(✅)	✅	✅	✅	✅	table,raw,checkstyle,json,junit,github,gitlab,teamcity,(sarif)
Rector	1.x	❌	❌	❌	❌	❌	console,json
Twig-CS-Fixer	3.0.x	❌	✅	✅	❌	✅	null,text,checkstyle,junit,github

Legend :

• ✅ indicate that support to the format is available
• (✅) indicate that support to the format is optional
• ❌ indicate that support to the format is not yet available

Documentation

All the documentation is available on website, generated from the docs folder.