Running Magento 2's Provided Code Sniffs

It's the PhpCsFixer configuration file, not the code sniffer rules itself

Instead of using command line options to customize the rule, you can save the project configuration in a .php_cs.dist file in the root directory of your project. The file must return an instance of PhpCsFixer\ConfigInterface which lets you configure the rules, the files and directories that need to be analyzed.

Example of command:

php-cs-fixer fix --config=.php_cs.dist -v --dry-run --stop-on-violation --using-cache=no

This fixer can be added to the pre-commit hook as well.

Ruleset for the code sniffer is in the ruleset.xml

You can use a pre-commit hook to check the staged files, there is one in:

dev/tools/Magento/Tools/StaticReview/pre-commit

Instead, if you want to test a specific file you can run the phpcs executable inside vendor/bin like this:

path/to/magento/vendor/bin/phpcs filetotest.php

and you can fix eventual errors with:

path/to/magento/vendor/bin/phpcbf filetotest.php