Magento 2 Coding Standards MCP

Overview Schema Related Servers Score Discussions

severity-rules.ts•22.6 KiB

/** * SEVERITY LEVELS AND RULES REFERENCE * Complete mapping of all Magento coding standard rules by severity. * Coverage: 83+ rules from https://github.com/magento/magento-coding-standard */ export interface SeverityLevel { level: number; type: 'error' | 'warning'; category: string; description: string; } export const SEVERITY_LEVELS: Record<number, SeverityLevel> = { 10: { level: 10, type: 'error', category: 'Critical', description: 'Critical code issues that must be fixed - security vulnerabilities, syntax errors, forbidden patterns' }, 9: { level: 9, type: 'warning', category: 'Security', description: 'Possible security issues and patterns that may cause bugs' }, 8: { level: 8, type: 'warning', category: 'Magento-specific', description: 'Magento specific code issues and design violations' }, 7: { level: 7, type: 'warning', category: 'General', description: 'General code quality issues' }, 6: { level: 6, type: 'warning', category: 'Style', description: 'Code style and formatting issues' }, 5: { level: 5, type: 'warning', category: 'Documentation', description: 'PHPDoc formatting and commenting issues' }, }; export interface Rule { name: string; severity: number; type: 'error' | 'warning'; description: string; category: string; fixable: boolean; } export const MAGENTO_RULES: Rule[] = [ // =================================================================== // SEVERITY 10 - CRITICAL // =================================================================== { name: 'Magento2.Security.InsecureFunction', severity: 10, type: 'error', description: 'Detects use of insecure functions (exec, eval, serialize, etc.)', category: 'Security', fixable: false }, { name: 'Magento2.Security.XssTemplate.FoundUnescaped', severity: 10, type: 'error', description: 'Detects unescaped output in phtml templates (XSS vulnerability)', category: 'Security', fixable: false }, { name: 'Magento2.Security.LanguageConstruct', severity: 10, type: 'error', description: 'Prevents dangerous language constructs like backticks', category: 'Security', fixable: false }, { name: 'Magento2.Security.IncludeFile', severity: 10, type: 'error', description: 'Detects unsafe file inclusion patterns', category: 'Security', fixable: false }, { name: 'Magento2.Security.Superglobal.SuperglobalUsageError', severity: 10, type: 'error', description: 'Prohibits direct superglobal access ($_GET, $_POST, etc.)', category: 'Security', fixable: false }, { name: 'Magento2.Strings.ExecutableRegEx', severity: 10, type: 'error', description: 'Prevents use of executable regex (e modifier)', category: 'Security', fixable: false }, { name: 'Magento2.PHP.FinalImplementation', severity: 10, type: 'error', description: 'Prohibits final keyword (breaks extensibility, plugins, proxies)', category: 'PHP', fixable: false }, { name: 'Magento2.PHP.Goto', severity: 10, type: 'error', description: 'Forbids goto statement', category: 'PHP', fixable: false }, { name: 'Magento2.NamingConvention.ReservedWords', severity: 10, type: 'error', description: 'Forbids PHP reserved words as class/namespace names', category: 'NamingConvention', fixable: false }, { name: 'Magento2.Classes.DiscouragedDependencies', severity: 10, type: 'error', description: 'Prevents explicit proxy/interceptor injection and ObjectManager usage', category: 'Classes', fixable: false }, { name: 'Magento2.Legacy.MageEntity', severity: 10, type: 'error', description: 'Detects Magento 1.x legacy patterns (Mage::, Mage_*, Enterprise_*)', category: 'Legacy', fixable: false }, { name: 'Magento2.Legacy.RestrictedCode', severity: 10, type: 'error', description: 'Enforces use of Magento/Laminas classes instead of Zend Framework', category: 'Legacy', fixable: false }, { name: 'Magento2.Legacy.AbstractBlock', severity: 10, type: 'error', description: 'Prevents use of legacy AbstractBlock class', category: 'Legacy', fixable: false }, { name: 'Magento2.Legacy.ObsoleteConfigNodes', severity: 10, type: 'error', description: 'Validates obsolete config.xml nodes', category: 'Legacy', fixable: false }, { name: 'Magento2.Legacy.InstallUpgrade', severity: 10, type: 'error', description: 'Validates install/upgrade scripts structure', category: 'Legacy', fixable: false }, { name: 'Magento2.Legacy.DiConfig', severity: 10, type: 'error', description: 'Detects deprecated di.xml configuration patterns', category: 'Legacy', fixable: false }, { name: 'Magento2.Legacy.ModuleXML', severity: 10, type: 'error', description: 'Validates module.xml structure against deprecated patterns', category: 'Legacy', fixable: false }, { name: 'Magento2.Legacy.WidgetXML', severity: 10, type: 'error', description: 'Validates widget.xml structure against deprecated patterns', category: 'Legacy', fixable: false }, { name: 'Magento2.Legacy.Layout', severity: 10, type: 'error', description: 'Detects deprecated layout XML patterns', category: 'Legacy', fixable: false }, { name: 'Magento2.Legacy.ObsoleteAcl', severity: 10, type: 'error', description: 'Detects obsolete ACL configuration', category: 'Legacy', fixable: false }, { name: 'Magento2.Legacy.ObsoleteMenu', severity: 10, type: 'error', description: 'Detects obsolete admin menu configuration', category: 'Legacy', fixable: false }, { name: 'Magento2.Legacy.ObsoleteSystemConfiguration', severity: 10, type: 'error', description: 'Detects obsolete system.xml configuration nodes', category: 'Legacy', fixable: false }, { name: 'Magento2.Legacy.ObsoleteConnection', severity: 10, type: 'error', description: 'Detects obsolete database connection usage', category: 'Legacy', fixable: false }, { name: 'Magento2.Legacy.PhtmlTemplate', severity: 10, type: 'error', description: 'Detects deprecated patterns in phtml template files', category: 'Legacy', fixable: false }, { name: 'Magento2.Legacy.ClassReferencesInConfigurationFiles', severity: 10, type: 'error', description: 'Detects deprecated class references in XML configuration', category: 'Legacy', fixable: false }, { name: 'Magento2.Legacy.EmailTemplate', severity: 10, type: 'error', description: 'Detects deprecated email template patterns', category: 'Legacy', fixable: false }, { name: 'Magento2.Legacy.EscapeMethodsOnBlockClass', severity: 10, type: 'error', description: 'Detects deprecated escape methods on Block class (use $escaper)', category: 'Legacy', fixable: false }, { name: 'Magento2.Legacy.TableName', severity: 10, type: 'error', description: 'Detects hardcoded table names (use resource model)', category: 'Legacy', fixable: false }, { name: 'Magento2.Html.HtmlSelfClosingTags', severity: 10, type: 'error', description: 'Prevents self-closing tags on non-void elements', category: 'Html', fixable: true }, { name: 'Magento2.Html.HtmlClosingVoidTags', severity: 10, type: 'error', description: 'Enforces self-closing void tags (br, hr, img, input, etc.)', category: 'Html', fixable: true }, { name: 'Magento2.Html.HtmlCollapsibleAttribute', severity: 10, type: 'error', description: 'Validates collapsible boolean attributes (disabled, checked, etc.)', category: 'Html', fixable: true }, { name: 'Magento2.Html.HtmlDirective', severity: 10, type: 'error', description: 'Validates Magento HTML directive syntax', category: 'Html', fixable: false }, { name: 'Magento2Framework.Header.Copyright', severity: 10, type: 'error', description: 'Enforces copyright header in PHP files', category: 'Framework', fixable: true }, { name: 'Magento2Framework.Header.CopyrightAnotherExtensionsFiles', severity: 10, type: 'error', description: 'Validates copyright in third-party extension files', category: 'Framework', fixable: false }, { name: 'Magento2Framework.Header.CopyrightGraphQL', severity: 10, type: 'error', description: 'Enforces copyright header in GraphQL schema files', category: 'Framework', fixable: true }, { name: 'Magento2Framework.Header.License', severity: 10, type: 'error', description: 'Validates license header format', category: 'Framework', fixable: true }, { name: 'Squiz.PHP.Eval', severity: 10, type: 'error', description: 'Forbids eval() function', category: 'Security', fixable: false }, // =================================================================== // SEVERITY 9 - SECURITY // =================================================================== { name: 'Magento2.Security.XssTemplate', severity: 9, type: 'warning', description: 'Warns about potential XSS issues in phtml files', category: 'Security', fixable: false }, { name: 'Magento2.Security.Superglobal.SuperglobalUsageWarning', severity: 9, type: 'warning', description: 'Warns about superglobal usage', category: 'Security', fixable: false }, { name: 'Magento2.SQL.RawQuery', severity: 9, type: 'warning', description: 'Detects raw SQL queries (SELECT, UPDATE, INSERT, etc.)', category: 'SQL', fixable: false }, { name: 'Magento2.Html.HtmlBinding', severity: 9, type: 'warning', description: 'Detects invalid HTML binding attributes', category: 'Html', fixable: false }, // =================================================================== // SEVERITY 8 - MAGENTO SPECIFIC // =================================================================== { name: 'Magento2.Functions.DiscouragedFunction', severity: 8, type: 'warning', description: 'Detects ~150+ discouraged functions with suggested alternatives', category: 'Functions', fixable: false }, { name: 'Magento2.Functions.StaticFunction', severity: 8, type: 'warning', description: 'Discourages static method usage', category: 'Functions', fixable: false }, { name: 'Magento2.Functions.FunctionsDeprecatedWithoutArgument', severity: 8, type: 'warning', description: 'Detects deprecated function calls without required arguments', category: 'Functions', fixable: false }, { name: 'Magento2.Exceptions.DirectThrow', severity: 8, type: 'warning', description: 'Discourages throwing generic Exception', category: 'Exceptions', fixable: false }, { name: 'Magento2.Exceptions.ThrowCatch', severity: 8, type: 'warning', description: 'Validates throw/catch patterns', category: 'Exceptions', fixable: false }, { name: 'Magento2.Exceptions.TryProcessSystemResources', severity: 8, type: 'warning', description: 'Warns about missing try-catch around system resource operations (file, network)', category: 'Exceptions', fixable: false }, { name: 'Magento2.Templates.ThisInTemplate', severity: 8, type: 'warning', description: 'Warns about $this usage in templates (use $block instead)', category: 'Templates', fixable: true }, { name: 'Magento2.Templates.ObjectManager', severity: 8, type: 'warning', description: 'Forbids ObjectManager usage in templates', category: 'Templates', fixable: false }, { name: 'Magento2.Translation.ConstantUsage', severity: 8, type: 'warning', description: 'Forbids constants as first argument of __() or Phrase()', category: 'Translation', fixable: false }, { name: 'Magento2.Methods.DeprecatedModelMethod', severity: 8, type: 'warning', description: 'Detects usage of deprecated Model methods', category: 'Methods', fixable: false }, { name: 'Magento2.NamingConvention.InterfaceName', severity: 8, type: 'warning', description: 'Ensures interfaces follow naming conventions', category: 'NamingConvention', fixable: false }, { name: 'Magento2.PHP.ShortEchoSyntax', severity: 8, type: 'warning', description: 'Recommends <?= ?> over <?php echo ?>', category: 'PHP', fixable: true }, { name: 'Magento2.PHP.ReturnValueCheck', severity: 8, type: 'warning', description: 'Validates return value checks for functions that may return false', category: 'PHP', fixable: false }, { name: 'Magento2.PHP.AutogeneratedClassNotInConstructor', severity: 8, type: 'warning', description: 'Warns about auto-generated classes (Factory, Proxy) used outside constructor', category: 'PHP', fixable: false }, { name: 'Magento2.PHP.ArrayAutovivification', severity: 8, type: 'warning', description: 'Detects array autovivification on null/false values (PHP 8.1 deprecation)', category: 'PHP', fixable: false }, { name: 'Magento2.Namespaces.ImportsFromTestNamespace', severity: 8, type: 'warning', description: 'Prevents importing from test namespaces in production code', category: 'Namespaces', fixable: false }, { name: 'Magento2.Classes.AbstractApi', severity: 8, type: 'warning', description: 'Warns about incorrect API class structure', category: 'Classes', fixable: false }, // =================================================================== // SEVERITY 7 - GENERAL // =================================================================== { name: 'Magento2.Performance.ForeachArrayMerge', severity: 7, type: 'warning', description: 'Detects array_merge() in loops (performance issue)', category: 'Performance', fixable: false }, { name: 'Magento2.CodeAnalysis.EmptyBlock', severity: 7, type: 'warning', description: 'Detects empty code blocks', category: 'CodeAnalysis', fixable: false }, { name: 'Magento2.PHP.LiteralNamespaces', severity: 7, type: 'warning', description: 'Detects hardcoded namespace strings (use ::class)', category: 'PHP', fixable: false }, { name: 'Magento2.PHP.Var', severity: 7, type: 'warning', description: 'Discourages use of var keyword for property declarations', category: 'PHP', fixable: true }, { name: 'Magento2.Strings.StringConcat', severity: 7, type: 'warning', description: 'Discourages excessive string concatenation', category: 'Strings', fixable: false }, // =================================================================== // SEVERITY 6 - STYLE // =================================================================== { name: 'Magento2.Whitespace.MultipleEmptyLines', severity: 6, type: 'warning', description: 'Limits consecutive blank lines (max 2)', category: 'Whitespace', fixable: true }, { name: 'Magento2.GraphQL.ValidTypeName', severity: 6, type: 'warning', description: 'Validates GraphQL types are in PascalCase', category: 'GraphQL', fixable: false }, { name: 'Magento2.GraphQL.ValidArgumentName', severity: 6, type: 'warning', description: 'Validates GraphQL argument names are in camelCase', category: 'GraphQL', fixable: false }, { name: 'Magento2.GraphQL.ValidEnumValue', severity: 6, type: 'warning', description: 'Validates GraphQL enum values are in SCREAMING_SNAKE_CASE', category: 'GraphQL', fixable: false }, { name: 'Magento2.GraphQL.ValidFieldName', severity: 6, type: 'warning', description: 'Validates GraphQL field names are in snake_case', category: 'GraphQL', fixable: false }, { name: 'Magento2.GraphQL.ValidTopLevelFieldName', severity: 6, type: 'warning', description: 'Validates top-level GraphQL field names follow conventions', category: 'GraphQL', fixable: false }, { name: 'Generic.Files.LineLength', severity: 6, type: 'warning', description: 'Maximum line length of 120 characters', category: 'Style', fixable: false }, { name: 'Generic.WhiteSpace.DisallowTabIndent', severity: 6, type: 'warning', description: 'Use spaces, not tabs', category: 'Style', fixable: true }, // =================================================================== // LESS/CSS RULES // =================================================================== { name: 'Magento2.Less.AvoidId', severity: 8, type: 'warning', description: 'Avoid using ID selectors (#id) in LESS/CSS - use class selectors', category: 'Less', fixable: false }, { name: 'Magento2.Less.ClassNaming', severity: 6, type: 'warning', description: 'Validates CSS class naming conventions (lowercase, hyphen-separated)', category: 'Less', fixable: false }, { name: 'Magento2.Less.ColonSpacing', severity: 6, type: 'warning', description: 'Enforces proper spacing around colons in property declarations', category: 'Less', fixable: true }, { name: 'Magento2.Less.SemicolonSpacing', severity: 6, type: 'warning', description: 'Enforces semicolons at end of property declarations', category: 'Less', fixable: true }, { name: 'Magento2.Less.ColourDefinition', severity: 6, type: 'warning', description: 'Hex colors should use variables; lowercase hex values preferred', category: 'Less', fixable: false }, { name: 'Magento2.Less.Indentation', severity: 6, type: 'warning', description: 'Use 4 spaces for indentation in LESS files', category: 'Less', fixable: true }, { name: 'Magento2.Less.ImportantProperty', severity: 7, type: 'warning', description: 'Avoid using !important - increase specificity instead', category: 'Less', fixable: false }, { name: 'Magento2.Less.PropertiesSorting', severity: 6, type: 'warning', description: 'CSS properties should be sorted alphabetically', category: 'Less', fixable: false }, { name: 'Magento2.Less.Quotes', severity: 6, type: 'warning', description: 'Use single quotes in LESS files', category: 'Less', fixable: true }, { name: 'Magento2.Less.Variables', severity: 6, type: 'warning', description: 'Validates LESS variable naming conventions (@kebab-case)', category: 'Less', fixable: false }, { name: 'Magento2.Less.ZeroUnits', severity: 6, type: 'warning', description: 'No units needed for zero values (use 0 not 0px)', category: 'Less', fixable: true }, { name: 'Magento2.Less.VariableAnnotation', severity: 6, type: 'warning', description: 'LESS variables should have descriptive comments', category: 'Less', fixable: false }, { name: 'Magento2.Less.MixinDeclaration', severity: 6, type: 'warning', description: 'Validates mixin declaration syntax', category: 'Less', fixable: false }, { name: 'Magento2.Less.SelectorDelimiter', severity: 6, type: 'warning', description: 'Each selector should be on its own line', category: 'Less', fixable: true }, { name: 'Magento2.Less.SelectorNesting', severity: 7, type: 'warning', description: 'Avoid deep nesting of selectors (max 3 levels)', category: 'Less', fixable: false }, { name: 'Magento2.Less.ShorthandProperty', severity: 6, type: 'warning', description: 'Use shorthand properties where possible', category: 'Less', fixable: false }, { name: 'Magento2.Less.CombinatorIndentation', severity: 6, type: 'warning', description: 'Proper indentation for CSS combinators', category: 'Less', fixable: true }, { name: 'Magento2.Less.BracesFormatting', severity: 6, type: 'warning', description: 'Opening brace on same line, closing brace on new line', category: 'Less', fixable: true }, { name: 'Magento2.Less.TrailingSemicolon', severity: 6, type: 'warning', description: 'Last property in a block must have a trailing semicolon', category: 'Less', fixable: true }, // =================================================================== // SEVERITY 5 - DOCUMENTATION // =================================================================== { name: 'Magento2.Commenting.ClassAndInterfacePHPDocFormatting', severity: 5, type: 'warning', description: 'Validates class/interface documentation format', category: 'Commenting', fixable: false }, { name: 'Magento2.Commenting.ClassPropertyPHPDocFormatting', severity: 5, type: 'warning', description: 'Validates property documentation format', category: 'Commenting', fixable: false }, { name: 'Magento2.Commenting.ConstantsPHPDocFormatting', severity: 5, type: 'warning', description: 'Validates constants documentation format', category: 'Commenting', fixable: false }, { name: 'Magento2.Annotation.MethodAnnotationStructure', severity: 5, type: 'warning', description: 'Validates method PHPDoc structure', category: 'Annotation', fixable: false }, { name: 'Magento2.Annotation.MethodArguments', severity: 5, type: 'warning', description: 'Validates method argument annotations match signature', category: 'Annotation', fixable: false }, { name: 'Squiz.PHP.CommentedOutCode', severity: 5, type: 'warning', description: 'Detects commented-out code (>80% code threshold)', category: 'Commenting', fixable: false }, ]; /** * Get rules by severity level */ export function getRulesBySeverity(severity: number): Rule[] { return MAGENTO_RULES.filter(rule => rule.severity === severity); } /** * Get rules by category */ export function getRulesByCategory(category: string): Rule[] { return MAGENTO_RULES.filter(rule => rule.category.toLowerCase() === category.toLowerCase()); } /** * Get all rule categories */ export function getAllCategories(): string[] { return [...new Set(MAGENTO_RULES.map(rule => rule.category))]; } /** * Get severity info */ export function getSeverityInfo(severity: number): SeverityLevel | null { return SEVERITY_LEVELS[severity] || null; }

Loading blob content...

Latest Blog Posts

Redis vs ioredis vs valkey-glide
By punkpeye on January 26, 2026.
benchmark
Redis
valkey
Quickstart: Publish an MCP Server to the MCP Registry
By punkpeye on January 24, 2026.
mcp
official reference mirror
Official MCP Registry Server.json Requirements
By punkpeye on January 24, 2026.
mcp
official reference mirror

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/Midhun-edv/magento2-coding-standards-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server

severity-rules.ts•22.6 KiB