A ruleset for PHP_CodeSniffer to check for PHP cross-version compatibility issues in projects, while accounting for polyfills provided by ircmaxell's password_compat library.

1.0.2 2019-08-28 14:22 UTC

This package is auto-updated.

Last update: 2020-11-15 20:03:19 UTC


Latest Stable Version Latest Unstable Version License Build Status


Using PHPCompatibilityPasswordCompat, you can analyse the codebase of a project using using @ircmaxell's password_compat polyfill library, for PHP cross-version compatibility.

What's in this repo ?

A rulesets for PHP_CodeSniffer to check for PHP cross-version compatibility issues in projects, while accounting for polyfills provided by the @ircmaxell's password_compat polyfill library.

This ruleset prevents false positives from the PHPCompatibility standard by excluding back-fills and poly-fills which are provided by the random_compat library.


Installation instructions

The only supported installation method is via Composer.

If you don't have a Composer plugin installed to manage the installed_paths setting for PHP_CodeSniffer, run the following from the command-line:

composer require --dev dealerdirect/phpcodesniffer-composer-installer:"^0.7" phpcompatibility/phpcompatibility-passwordcompat:*
composer install

If you already have a Composer PHP_CodeSniffer plugin installed, run:

composer require --dev phpcompatibility/phpcompatibility-passwordcompat:*
composer install

Next, run:

vendor/bin/phpcs -i

If all went well, you will now see that the PHPCompatibility and PHPCompatibilityPasswordCompat standards are installed for PHP_CodeSniffer.

How to use

Now you can use the following command to inspect the code in your project for PHP cross-version compatibility:

./vendor/bin/phpcs -p . --standard=PHPCompatibilityPasswordCompat

By default, you will only receive notifications about deprecated and/or removed PHP features.

To get the most out of the PHPCompatibilityPasswordCompat standard, you should specify a testVersion to check against. That will enable the checks for both deprecated/removed PHP features as well as the detection of code using new PHP features.

For example:

# For a project which should be compatible with PHP 5.3 up to and including PHP 7.0:
./vendor/bin/phpcs -p . --standard=PHPCompatibilityPasswordCompat --runtime-set testVersion 5.3-7.0

# For a project which should be compatible with PHP 5.4 and higher:
./vendor/bin/phpcs -p . --standard=PHPCompatibilityPasswordCompat --runtime-set testVersion 5.4-

For more detailed information about setting the testVersion, see the README of the generic PHPCompatibility standard.

Testing PHP files only

By default PHP_CodeSniffer will analyse PHP, JavaScript and CSS files. As the PHPCompatibility sniffs only target PHP code, you can make the run slightly faster by telling PHP_CodeSniffer to only check PHP files, like so:

./vendor/bin/phpcs -p . --standard=PHPCompatibilityPasswordCompat --extensions=php --runtime-set testVersion 5.3-


All code within the PHPCompatibility organisation is released under the GNU Lesser General Public License (LGPL). For more information, visit


1.0.2 - 2019-08-29

  • Composer: The recommended version of the Composer PHPCS plugin has been upped to ^0.5.0.
  • CI: Added early warning system for false positives due to changes in the polyfill library itself.

1.0.1 - 2018-12-16

  • Prevent false positives when the ruleset is run over the code of the polyfill itself.
  • The ruleset is now also tested against PHP 7.3. Note: full PHP 7.3 support is only available in combination with PHP_CodeSniffer 2.9.2 or 3.3.1+ due to an incompatibility within PHP_CodeSniffer itself.

1.0.0 - 2018-10-07

Initial release of the PHPCompatibilityPasswordCompat ruleset.