feat(dev): Add php-forge/coding-standard to development dependencies for code quality checks

[terabytesoftw]

Pull Request

Q	A
Is bugfix?	❌
New feature?	✔️
Breaks BC?	❌

[coderabbitai]

📝 Walkthrough

Summary by CodeRabbit

• Chores
  • Updated development dependencies for code quality checks
  • Simplified code quality configuration management

_{✏️ Tip: You can customize this high-level summary in your review settings.}

Walkthrough

This PR updates development dependencies and refactors code quality tool configurations. It replaces locally-defined ECS and Rector configurations with external vendor-provided configurations from php-forge/coding-standard, removing rect/rector and symplify/easy-coding-standard from dependencies while simplifying configuration files.

Changes

Cohort / File(s)	Summary
Dependency & Changelog Updates composer.json, CHANGELOG.md	Added php-forge/coding-standard to require-dev; removed rector/rector and symplify/easy-coding-standard. Updated sync-metadata script entries. CHANGELOG reflects Enh #119 addition in development section.
Code Quality Tool Configurations ecs.php, rector.php	Simplified ECS configuration by replacing extensive inline rule configuration with vendor-provided ECSConfigBuilder. Refactored rector.php to import external configuration via rectorConfig->import() instead of inline config blocks, removing sets, skip rules, and rule overrides.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Poem

🐰 Hoppy refactoring day, ✨
Vendor configs show the way,
Rules once tangled, now they play,
Clean and simple, hip hooray! 🌟

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately describes the main change: adding php-forge/coding-standard to development dependencies for code quality checks, which is confirmed by the changes in composer.json and the CHANGELOG entry.
Description check	✅ Passed	The description provides relevant context about the pull request being a new feature that does not break backward compatibility, which aligns with the changeset's purpose of adding a development dependency.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

• 📝 Generate docstrings

---

📜 Recent review details

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 9bb3020 and 5327401.

📒 Files selected for processing (4)

• CHANGELOG.md
• composer.json
• ecs.php
• rector.php

🧰 Additional context used

🧠 Learnings (6)

📓 Common learnings

Learnt from: terabytesoftw
Repo: php-forge/actions PR: 67
File: .github/workflows/phpstan.yml:13-16
Timestamp: 2025-09-29T14:58:04.095Z
Learning: In the php-forge/actions repository, the maintainer prefers using "composer update" as the default command in CI workflows to ensure the latest dependencies are always installed, rather than using "composer install" for reproducibility.

Learnt from: terabytesoftw
Repo: php-forge/foxy PR: 115
File: tests/Fallback/AssetFallbackTest.php:158-189
Timestamp: 2026-01-23T11:22:07.261Z
Learning: User terabytesoftw prefers not to use aliases when importing classes in PHP. They are comfortable with either fully-qualified class names or direct imports without aliases.

Learnt from: terabytesoftw
Repo: php-forge/support PR: 12
File: src/TestSupport.php:0-0
Timestamp: 2025-08-18T20:13:33.518Z
Learning: User terabytesoftw prefers clean trait-based designs over maintaining backward compatibility wrappers when refactoring utility classes in the php-forge/support project.

Learnt from: terabytesoftw
Repo: php-forge/actions PR: 65
File: .github/workflows/composer-require-checker.yml:80-83
Timestamp: 2025-09-28T15:12:48.345Z
Learning: The user terabytesoftw prefers using floating tags like v1 for third-party actions in GitHub workflows instead of pinning to specific commit SHAs, even when it's a security best practice to pin to immutable commits.

📚 Learning: 2026-01-23T14:43:58.778Z

Learnt from: terabytesoftw
Repo: php-forge/foxy PR: 115
File: ecs.php:81-95
Timestamp: 2026-01-23T14:43:58.778Z
Learning: In ecs.php, when using the Symfony/Orchestrating tool 'withPhpCsFixerSets()', beware that PHP-CS-Fixer rule set names are converted to camelCase parameter names by stripping special characters. For example, 'PER-CS3x0' becomes 'perCS30' and 'PER-CS2x0' becomes 'perCS20'. Ensure that any expectations or tests asserting the parameter names match this camelCase transformation rather than the original '@.../CS...' names.

Applied to files:

• ecs.php

📚 Learning: 2025-08-18T16:13:31.606Z

Learnt from: terabytesoftw
Repo: php-forge/support PR: 11
File: phpstan.neon:1-3
Timestamp: 2025-08-18T16:13:31.606Z
Learning: In the php-forge/support project, PHPStan is intended to be used as a PHAR installation rather than as a Composer dependency, even though the composer.json was updated to include phpstan/phpstan as a dependency.

Applied to files:

• CHANGELOG.md
• composer.json

📚 Learning: 2025-09-29T14:58:04.095Z

Learnt from: terabytesoftw
Repo: php-forge/actions PR: 67
File: .github/workflows/phpstan.yml:13-16
Timestamp: 2025-09-29T14:58:04.095Z
Learning: In the php-forge/actions repository, the maintainer prefers using "composer update" as the default command in CI workflows to ensure the latest dependencies are always installed, rather than using "composer install" for reproducibility.

Applied to files:

• CHANGELOG.md
• composer.json

📚 Learning: 2026-01-23T11:09:08.789Z

Learnt from: terabytesoftw
Repo: php-forge/foxy PR: 115
File: composer.json:68-77
Timestamp: 2026-01-23T11:09:08.789Z
Learning: When a composer.json in php-forge repositories references external template repos in sync-metadata scripts, prefer using the main branch reference rather than pinning to specific commit SHAs or tags. This reduces maintenance when upstream templates change, but be aware of potential drift; document rationale and review changes periodically.

Applied to files:

• composer.json

📚 Learning: 2025-08-18T15:43:30.996Z

Learnt from: terabytesoftw
Repo: php-forge/support PR: 11
File: composer.json:13-16
Timestamp: 2025-08-18T15:43:30.996Z
Learning: Testing helper libraries (packages with "testing" or "support" in keywords/description that provide test utilities) should include PHPUnit and other testing frameworks in the main "require" section rather than "require-dev", as consuming packages need these dependencies to use the testing utilities.

Applied to files:

• composer.json

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (11)

• GitHub Check: linter / Super Linter
• GitHub Check: phpunit / PHP 8.1-ubuntu-latest
• GitHub Check: phpunit / PHP 8.3-windows-2022
• GitHub Check: phpunit / PHP 8.2-windows-2022
• GitHub Check: phpunit / PHP 8.5-ubuntu-latest
• GitHub Check: phpunit / PHP 8.2-ubuntu-latest
• GitHub Check: phpunit / PHP 8.4-windows-2022
• GitHub Check: phpunit / PHP 8.4-ubuntu-latest
• GitHub Check: mutation / PHP 8.5-ubuntu-latest
• GitHub Check: mutation / PHP 8.5-ubuntu-latest
• GitHub Check: linter / Super Linter

🔇 Additional comments (5)

CHANGELOG.md (1)

21-21: Changelog entry looks correct.

Clear and consistent with the PR scope.

composer.json (2)

79-85: Sync-metadata entry looks good.

No concerns with the updated template sync entry.

---

33-41: Dependency does not exist: php-forge/coding-standard is not available on Packagist.

Line 35 adds php-forge/coding-standard: ^0.1, but this package does not exist in any public or configured repository. The composer install command will fail to resolve this dependency. Additionally, the config files (ecs.php and rector.php) import from vendor/php-forge/coding-standard/config/ and the scripts reference ./vendor/bin/ecs and ./vendor/bin/rector binaries that will not be available. Replace with explicit dependencies on symplify/easy-coding-standard and rector/rector, or if php-forge/coding-standard is a private package, configure the appropriate repository in composer.json.

⛔ Skipped due to learnings

Learnt from: terabytesoftw
Repo: php-forge/support PR: 11
File: composer.json:13-16
Timestamp: 2025-08-18T15:43:30.996Z
Learning: Testing helper libraries (packages with "testing" or "support" in keywords/description that provide test utilities) should include PHPUnit and other testing frameworks in the main "require" section rather than "require-dev", as consuming packages need these dependencies to use the testing utilities.

Learnt from: terabytesoftw
Repo: php-forge/support PR: 11
File: phpstan.neon:1-3
Timestamp: 2025-08-18T16:13:31.606Z
Learning: In the php-forge/support project, PHPStan is intended to be used as a PHAR installation rather than as a Composer dependency, even though the composer.json was updated to include phpstan/phpstan as a dependency.

Learnt from: terabytesoftw
Repo: php-forge/actions PR: 67
File: .github/workflows/phpstan.yml:13-16
Timestamp: 2025-09-29T14:58:04.095Z
Learning: In the php-forge/actions repository, the maintainer prefers using "composer update" as the default command in CI workflows to ensure the latest dependencies are always installed, rather than using "composer install" for reproducibility.

Learnt from: terabytesoftw
Repo: php-forge/foxy PR: 115
File: composer.json:68-77
Timestamp: 2026-01-23T11:09:15.771Z
Learning: In the php-forge organization repositories, terabytesoftw prefers using the main branch reference in composer.json sync-metadata scripts when downloading configuration files from external template repositories, rather than pinning to specific commit SHAs or tags, even though pinning provides more stability and prevents unexpected changes.

ecs.php (1)

5-13: The vendor configuration file and ECSConfigBuilder class compatibility are actively validated through CI (see .github/workflows/ecs.yml). The project's development documentation already documents the easy-coding-standard composer script, and the dependency is properly declared in composer.json. No action required.

rector.php (1)

5-15: RectorConfig::import() is a valid, documented method—no action needed.

The import() method is a standard Rector feature used to include vendor-provided config files. The pattern matches Rector's documented approach for reusing shared configurations. Verification requires composer install to confirm the vendor file exists, but the project's CHANGELOG explicitly documents the intentional addition of php-forge/coding-standard for code quality checks, and the parallel pattern in ecs.php confirms the setup is working.

_{✏️ Tip: You can disable this entire section by setting review_details to false in your review settings.}

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (34fbd45) to head (5327401).
⚠️ Report is 2 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@             Coverage Diff             @@
##                main      #119   +/-   ##
===========================================
  Coverage     100.00%   100.00%           
  Complexity       359       359           
===========================================
  Files             26        26           
  Lines            823       823           
===========================================
  Hits             823       823           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.