Undefined index: parenthesis_closer in pheromone/phpcs-security-audit/Security/Sniffs/BadFunctions/SystemExecFunctionsSniff.php

[TravisCarden]

\PHPCS_SecurityAudit\Sniffs\BadFunctions\SystemExecFunctionsSniff makes the naive assumption that any string token with content matching the name of a system exec function is a function call, but this is not necessarily so. For example, it may be a namespace component. In that case, the sniff will cause an error.

Given the following test.php:

<?php

use Drupal\system\Entity\Action;

Then:

./vendor/bin/phpcs -s ./

FILE: /var/www/test.php
----------------------------------------------------------------------
FOUND 2 ERRORS AND 1 WARNING AFFECTING 2 LINES
----------------------------------------------------------------------
 1 | ERROR   | [ ] An error occurred during processing; checking has
   |         |     been aborted. The error message was: Undefined
   |         |     index: parenthesis_closer in
   |         |     /var/www/vendor/pheromone/phpcs-security-audit/Security/Sniffs/BadFunctions/SystemExecFunctionsSniff.php
   |         |     on line 33 (Internal.Exception)
----------------------------------------------------------------------
PHPCBF CAN FIX THE 2 MARKED SNIFF VIOLATIONS AUTOMATICALLY
----------------------------------------------------------------------

Time: 120ms; Memory: 10MB