# Install php-code-sniffer with Homebrew, dnf

Check coding standards in PHP, JavaScript and CSS. Version 4.0.1 via Homebrew; verified from local package data.

## Install

```sh
sudo av install brew:php-code-sniffer
```

Additional install commands:

### macOS

- Homebrew (100%):

```sh
brew install php-code-sniffer
```

  Evidence: local Homebrew formula metadata

### Linux

- dnf (92%):

```sh
sudo dnf install php-pear-PHP-CodeSniffer
```

  Evidence: Fedora Rawhide package metadata: php-pear-PHP-CodeSniffer from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst

## Package facts

- **Package key:** brew:php-code-sniffer
- **Package manager:** Homebrew
- **Package manager page:** <https://formulae.brew.sh/formula/php-code-sniffer>
- **Version:** 4.0.1
- **Source summary:** Check coding standards in PHP, JavaScript and CSS
- **Homepage:** <https://github.com/PHPCSStandards/PHP_CodeSniffer>
- **Repository:** <https://github.com/PHPCSStandards/PHP_CodeSniffer>
- **Upstream docs:** <https://github.com/PHPCSStandards/PHP_CodeSniffer>
- **License:** BSD-3-Clause
- **Source archive:** <https://github.com/PHPCSStandards/PHP_CodeSniffer/releases/download/4.0.1/phpcs.phar>
- **Generated:** 2026-07-08T07:18:31+00:00

## Executables

- phpcbf (cli)
- phpcs (cli)
- phpcbf (alias)
- phpcs (alias)

## Dependencies

- php

## Install behavior

- Post-install hook: not defined
- Bottle: available on all

## Freshness

- Page generated: 2026-07-08
- Package-manager version: 4.0.1
- Local data: ok
- Upstream repository: https://github.com/PHPCSStandards/PHP_CodeSniffer
- info: No package-manager update timestamp was available.
- info: No cached GitHub release or tag data was available.

## Security Notes

escape, surveillance, or offensive capability signal.

- **Geiger risk:** red / medium
- escape, surveillance, or offensive capability signal


## Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.


## Configuration files

- Unix: ./.phpcs.xml, ./phpcs.xml, ./phpcs.xml.dist, ./ruleset.xml
## Source Database Details

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** php-code-sniffer
- **Version Scheme:** 0
- **Revision:** 0
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** stable

## Other Package-Manager Records

- dnf - php-pear-PHP-CodeSniffer - 4.0.1-2.fc44: installed executable or alias match | Fedora Rawhide package metadata: php-pear-PHP-CodeSniffer from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/e5ca8ce900cd68f5419e1c39ae517343100b306336cbaeb70a3c153121d95094-primary.xml.zst | PHP coding standards enforcement tool | https://github.com/PHPCSStandards/PHP_CodeSniffer


## Related links

- [Source-control packages](https://www.automicvault.com/pkg/source-control-tools/) - Belongs to a source-control command family.
- [Secret-risk packages](https://www.automicvault.com/pkg/secret-risk-packages/) - Has protected-tool coverage, approval-gate, or non-low Geiger security signals.
- [Terminal utility packages](https://www.automicvault.com/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [Text processing packages](https://www.automicvault.com/pkg/text-processing-tools/) - Matched text, document, or structured-data processing metadata.
- [php](https://www.automicvault.com/pkg/brew/php/) - Runtime dependency declared by Homebrew.
- [jslint4java](https://www.automicvault.com/pkg/brew/jslint4java/) - Shares av.db curated category or tags: cli, code-quality, developer-tools, linting.
- [precious](https://www.automicvault.com/pkg/brew/precious/) - Shares av.db curated category or tags: cli, code-quality, developer-tools, linting.
- [addlicense](https://www.automicvault.com/pkg/brew/addlicense/) - Shares av.db curated category or tags: cli, code-quality, developer-tools.
- [codelimit](https://www.automicvault.com/pkg/brew/codelimit/) - Shares av.db curated category or tags: cli, code-quality, developer-tools.
- [hawkeye](https://www.automicvault.com/pkg/brew/hawkeye/) - Shares av.db curated category or tags: cli, code-quality, developer-tools.
- [jscpd](https://www.automicvault.com/pkg/brew/jscpd/) - Shares av.db curated category or tags: cli, code-quality, developer-tools.
- [php-cs-fixer](https://www.automicvault.com/pkg/brew/php-cs-fixer/) - Shares av.db curated category or tags: cli, code-quality, coding-standards, developer-tools, php.
- [pint](https://www.automicvault.com/pkg/brew/pint/) - Shares av.db curated category or tags: cli, code-quality, developer-tools.

## Combined YAML source

View the package source record on GitHub. [combined/php-code-sniffer.yml](https://github.com/automic-vault/db/blob/main/combined/php-code-sniffer.yml)


## Sources

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated configuration and credential file locations
- package version freshness
- av.db category and tag curation
- package relationship graph
- external package-manager database matches
- cross-ecosystem install command graph
