From 7eabe1b4036376a8601b587c7667e7beb19ddf38 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 22 Aug 2023 16:55:42 +0200 Subject: [PATCH 01/42] Performance/BatcacheWhitelistedParams: remove the sniff * Remove the sniff. * Remove the related test in the `WordPressVIPMinimum/ruleset-test.inc` file. * Remove the error silencing from VIP-Go. * Remove the related test in the `WordPress-VIP-Go/ruleset-test.inc` file. This one is a little more involved. Basically the call to `wp_verify_nonce()`, which is being removed, was "silencing" the nonce verification error for other tests as well, most notably for the tests on line 83-85, due to most tests being in the global scope. Looking at it more closely, turns out that line 83 wasn't testing what it was supposed to be testing. The error which was previously being thrown on line 83 was about the nonce verification being missing, while the test is annotated to be about the `WordPress.Security.ValidatedSanitizedInput[.InputNotSanitized]` error, which wasn't being thrown. Adding a nonce verification check on some empty lines above these tests gets rid of the nonce verification errors, but now left line 83 not testing anything at all (as no key is accessed in the superglobal). Adding a random key gets us the error which was intended to be thrown on this line, but now also adds the "missing validation" error. IMO, this is correct (better than it was before), so I'm also updating the test expectations for line 83. --- WordPress-VIP-Go/ruleset-test.inc | 14 +-- WordPress-VIP-Go/ruleset-test.php | 1 + WordPress-VIP-Go/ruleset.xml | 4 - .../BatcacheWhitelistedParamsSniff.php | 113 ------------------ .../BatcacheWhitelistedParamsUnitTest.inc | 9 -- .../BatcacheWhitelistedParamsUnitTest.php | 41 ------- WordPressVIPMinimum/ruleset-test.inc | 6 +- WordPressVIPMinimum/ruleset-test.php | 1 - 8 files changed, 11 insertions(+), 178 deletions(-) delete mode 100644 WordPressVIPMinimum/Sniffs/Performance/BatcacheWhitelistedParamsSniff.php delete mode 100644 WordPressVIPMinimum/Tests/Performance/BatcacheWhitelistedParamsUnitTest.inc delete mode 100644 WordPressVIPMinimum/Tests/Performance/BatcacheWhitelistedParamsUnitTest.php diff --git a/WordPress-VIP-Go/ruleset-test.inc b/WordPress-VIP-Go/ruleset-test.inc index a5c9f6e5..fc4324f4 100644 --- a/WordPress-VIP-Go/ruleset-test.inc +++ b/WordPress-VIP-Go/ruleset-test.inc @@ -56,8 +56,8 @@ $x = sanitize_key( $_COOKIE['bar'] ); // phpcs:ignore WordPress.Security.Validat if ( isset( $_SERVER['HTTP_USER_AGENT'] ) && $_SERVER['HTTP_USER_AGENT'] === 'some_value' ) { // Error. } - - +// Make sure nonce verification is done in global scope to silence notices about use of superglobals without later on in the file. +isset( $_GET['my_nonce'] ) && wp_verify_nonce( sanitize_text_field( $_GET['my_nonce'] ) ); // WordPress.WP.AlternativeFunctions.file_system_read_fopen fopen( 'file.txt', 'r' ); // Warning + Message. @@ -80,7 +80,7 @@ function foo_bar() { } // WordPress.Security.ValidatedSanitizedInput.InputNotSanitized -do_something( $_POST ); // Error. +do_something( $_POST['key'] ); // Error + warning. if ( isset( $_POST['foo2'] ) ) { bar( wp_unslash( $_POST['foo2'] ) ); // Warning. } @@ -279,10 +279,10 @@ $args( [ $query = new WP_Query( ['meta_key' => 'foo' ] ); // Ok. $args = 'foo=bar&meta_key=foo'; // Ok. -// WordPressVIPMinimum.Performance.BatcacheWhitelistedParams -if ( isset( $_GET['migSource'] ) && wp_verify_nonce( sanitize_text_field( $_GET['migSource'] ) ) ) { - $test = sanitize_text_field( $_GET['migSource'] ); // Ok. -} + + + + diff --git a/WordPress-VIP-Go/ruleset-test.php b/WordPress-VIP-Go/ruleset-test.php index 694ee5fa..5a4070cd 100644 --- a/WordPress-VIP-Go/ruleset-test.php +++ b/WordPress-VIP-Go/ruleset-test.php @@ -134,6 +134,7 @@ 47 => 1, 63 => 1, 66 => 1, + 83 => 1, 85 => 1, 90 => 1, 94 => 1, diff --git a/WordPress-VIP-Go/ruleset.xml b/WordPress-VIP-Go/ruleset.xml index 93c6bd81..9ea7f34f 100644 --- a/WordPress-VIP-Go/ruleset.xml +++ b/WordPress-VIP-Go/ruleset.xml @@ -243,10 +243,6 @@ 0 - - - 0 - 0 diff --git a/WordPressVIPMinimum/Sniffs/Performance/BatcacheWhitelistedParamsSniff.php b/WordPressVIPMinimum/Sniffs/Performance/BatcacheWhitelistedParamsSniff.php deleted file mode 100644 index af2103b5..00000000 --- a/WordPressVIPMinimum/Sniffs/Performance/BatcacheWhitelistedParamsSniff.php +++ /dev/null @@ -1,113 +0,0 @@ -tokens[ $stackPtr ]['content'] !== '$_GET' ) { - return; - } - - $key = $this->phpcsFile->findNext( array_merge( Tokens::$emptyTokens, [ T_OPEN_SQUARE_BRACKET ] ), $stackPtr + 1, null, true ); - - if ( $this->tokens[ $key ]['code'] !== T_CONSTANT_ENCAPSED_STRING ) { - return; - } - - $variable_name = $this->tokens[ $key ]['content']; - - $variable_name = substr( $variable_name, 1, -1 ); - - if ( in_array( $variable_name, $this->whitelistes_batcache_params, true ) === true ) { - $message = 'Batcache whitelisted GET param, `%s`, found. Batcache whitelisted parameters get stripped and are not available in PHP.'; - $data = [ $variable_name ]; - $this->phpcsFile->addWarning( $message, $stackPtr, 'StrippedGetParam', $data ); - - return; - } - } -} diff --git a/WordPressVIPMinimum/Tests/Performance/BatcacheWhitelistedParamsUnitTest.inc b/WordPressVIPMinimum/Tests/Performance/BatcacheWhitelistedParamsUnitTest.inc deleted file mode 100644 index 5b199444..00000000 --- a/WordPressVIPMinimum/Tests/Performance/BatcacheWhitelistedParamsUnitTest.inc +++ /dev/null @@ -1,9 +0,0 @@ - => - */ - public function getErrorList() { - return []; - } - - /** - * Returns the lines where warnings should occur. - * - * @return array => - */ - public function getWarningList() { - return [ - 3 => 2, - 7 => 1, - ]; - } -} diff --git a/WordPressVIPMinimum/ruleset-test.inc b/WordPressVIPMinimum/ruleset-test.inc index 38617dd0..454ede29 100644 --- a/WordPressVIPMinimum/ruleset-test.inc +++ b/WordPressVIPMinimum/ruleset-test.inc @@ -442,9 +442,9 @@ add_filter( 'robots_txt', function() { // Warning. return 'test'; } ); -// WordPressVIPMinimum.Performance.BatcacheWhitelistedParams -// phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotValidated -$test = sanitize_text_field( $_GET["utm_medium"] ); // Warning. + + + // WordPressVIPMinimum.Performance.CacheValueOverride $bad_wp_users = wp_cache_get( md5( self::CACHE_KEY . '_wp_users'), self::CACHE_GROUP ); diff --git a/WordPressVIPMinimum/ruleset-test.php b/WordPressVIPMinimum/ruleset-test.php index 58e54c38..69e039ab 100644 --- a/WordPressVIPMinimum/ruleset-test.php +++ b/WordPressVIPMinimum/ruleset-test.php @@ -273,7 +273,6 @@ 439 => 1, 440 => 1, 441 => 1, - 447 => 1, 454 => 1, 457 => 1, 458 => 1, From 09cab10348d91da05f823a496b1d4f8fa109c392 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 22 Aug 2023 17:22:17 +0200 Subject: [PATCH 02/42] Variables/VariableAnalysis: remove the sniff Follow up after the deprecation in PR 450. * Remove the sniff. * Remove the error silencing related to the deprecation from the ruleset. --- .../Variables/VariableAnalysisSniff.php | 81 ------------------- .../Variables/VariableAnalysisUnitTest.inc | 29 ------- .../Variables/VariableAnalysisUnitTest.php | 41 ---------- WordPressVIPMinimum/ruleset.xml | 28 ------- 4 files changed, 179 deletions(-) delete mode 100644 WordPressVIPMinimum/Sniffs/Variables/VariableAnalysisSniff.php delete mode 100644 WordPressVIPMinimum/Tests/Variables/VariableAnalysisUnitTest.inc delete mode 100644 WordPressVIPMinimum/Tests/Variables/VariableAnalysisUnitTest.php diff --git a/WordPressVIPMinimum/Sniffs/Variables/VariableAnalysisSniff.php b/WordPressVIPMinimum/Sniffs/Variables/VariableAnalysisSniff.php deleted file mode 100644 index 18e1ed27..00000000 --- a/WordPressVIPMinimum/Sniffs/Variables/VariableAnalysisSniff.php +++ /dev/null @@ -1,81 +0,0 @@ - - * @copyright 2011-2012 Sam Graham - * @license http://www.opensource.org/licenses/bsd-license.php BSD License - * @link http://pear.php.net/package/PHP_CodeSniffer - */ - -namespace WordPressVIPMinimum\Sniffs\Variables; - -use PHP_CodeSniffer\Files\File; - -/** - * Checks for undefined function variables. - * - * This sniff checks that all function variables - * are defined in the function body. - * - * @category PHP - * @package PHP_CodeSniffer - * @author Sam Graham - * @copyright 2011 Sam Graham - * @link http://pear.php.net/package/PHP_CodeSniffer - * - * @deprecated 2.2.0 Use the `VariableAnalysis.CodeAnalysis.VariableAnalysis` sniff instead. - * This `WordPressVIPMinimum.Variables.VariableAnalysis sniff will be removed in VIPCS 3.0.0. - */ -class VariableAnalysisSniff extends \VariableAnalysis\Sniffs\CodeAnalysis\VariableAnalysisSniff { - - /** - * Keep track of whether the warnings have been thrown to prevent - * the messages being thrown for every token triggering the sniff. - * - * @since 2.2.0 - * - * @var array - */ - private $thrown = [ - 'DeprecatedSniff' => false, - 'FoundPropertyForDeprecatedSniff' => false, - ]; - - /** - * Don't use. - * - * @since 2.2.0 Added to allow for throwing the deprecation notices. - * @deprecated 2.2.0 - * - * @param \PHP_CodeSniffer\Files\File $phpcsFile The file being scanned. - * @param int $stackPtr The position of the current token - * in the stack passed in $tokens. - * - * @return int|void Integer stack pointer to skip forward or void to continue - * normal file processing. - */ - public function process( File $phpcsFile, $stackPtr ) { - - if ( $this->thrown['DeprecatedSniff'] === false ) { - $this->thrown['DeprecatedSniff'] = $phpcsFile->addWarning( - 'The "WordPressVIPMinimum.Variables.VariableAnalysis" sniff has been deprecated. Use the "VariableAnalysis.CodeAnalysis.VariableAnalysis" sniff instead. Please update your custom ruleset.', - 0, - 'DeprecatedSniff' - ); - } - if ( ! empty( $this->exclude ) && $this->thrown['FoundPropertyForDeprecatedSniff'] === false ) { - $this->thrown['FoundPropertyForDeprecatedSniff'] = $phpcsFile->addWarning( - 'The "WordPressVIPMinimum.Variables.VariableAnalysis" sniff has been deprecated. Use the "CodeAnalysis.VariableAnalysis" sniff instead. "exclude" property setting found. Please update your custom ruleset.', - 0, - 'FoundPropertyForDeprecatedSniff' - ); - } - - parent::process( $phpcsFile, $stackPtr ); - } -} diff --git a/WordPressVIPMinimum/Tests/Variables/VariableAnalysisUnitTest.inc b/WordPressVIPMinimum/Tests/Variables/VariableAnalysisUnitTest.inc deleted file mode 100644 index 2c8d0347..00000000 --- a/WordPressVIPMinimum/Tests/Variables/VariableAnalysisUnitTest.inc +++ /dev/null @@ -1,29 +0,0 @@ -bar(); // Undefined $this in trait OK. - } - function bar() {} -} - -function test() { - try { - do_something_silly(); - } catch ( Exception $e ) {} // OK. -} - -class MyClass { - function my_function() { - return function() { - $this->my_callback(); // OK - new VariableAnalysis doesn't flag $this as undefined in closure. - }; - } - - function my_callback() {} - } diff --git a/WordPressVIPMinimum/Tests/Variables/VariableAnalysisUnitTest.php b/WordPressVIPMinimum/Tests/Variables/VariableAnalysisUnitTest.php deleted file mode 100644 index f32045fd..00000000 --- a/WordPressVIPMinimum/Tests/Variables/VariableAnalysisUnitTest.php +++ /dev/null @@ -1,41 +0,0 @@ - => - */ - public function getErrorList() { - return []; - } - - /** - * Returns the lines where warnings should occur. - * - * @return array => - */ - public function getWarningList() { - return [ - 1 => 1, - 5 => 2, - ]; - } -} diff --git a/WordPressVIPMinimum/ruleset.xml b/WordPressVIPMinimum/ruleset.xml index 25833535..ae8347d4 100644 --- a/WordPressVIPMinimum/ruleset.xml +++ b/WordPressVIPMinimum/ruleset.xml @@ -153,32 +153,4 @@ - - - 0 - - - - - 0 - - - 0 - - - 0 - - - 0 - - - 0 - - - 0 - - - 0 - - From 21d01536e41f7a8762afc54755681e4a01d73eb1 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 22 Aug 2023 17:15:30 +0200 Subject: [PATCH 03/42] Compatibility/Zoninator: remove the sniff * Remove the sniff. * Remove the related test in the `WordPressVIPMinimum/ruleset-test.inc` file. * Remove the related test in the `WordPress-VIP-Go/ruleset-test.inc` file. --- WordPress-VIP-Go/ruleset-test.inc | 4 +- WordPress-VIP-Go/ruleset-test.php | 1 - .../Sniffs/Compatibility/ZoninatorSniff.php | 90 ------------------- .../Tests/Compatibility/ZoninatorUnitTest.inc | 13 --- .../Tests/Compatibility/ZoninatorUnitTest.php | 43 --------- WordPressVIPMinimum/ruleset-test.inc | 4 +- WordPressVIPMinimum/ruleset-test.php | 1 - 7 files changed, 4 insertions(+), 152 deletions(-) delete mode 100644 WordPressVIPMinimum/Sniffs/Compatibility/ZoninatorSniff.php delete mode 100644 WordPressVIPMinimum/Tests/Compatibility/ZoninatorUnitTest.inc delete mode 100644 WordPressVIPMinimum/Tests/Compatibility/ZoninatorUnitTest.php diff --git a/WordPress-VIP-Go/ruleset-test.inc b/WordPress-VIP-Go/ruleset-test.inc index a5c9f6e5..f9f64919 100644 --- a/WordPress-VIP-Go/ruleset-test.inc +++ b/WordPress-VIP-Go/ruleset-test.inc @@ -322,8 +322,8 @@ class MyWidget extends WP_Widget { class BadTestClass extends WP_CLI_Command { // Warning. } -// WordPressVIPMinimum.Compatibility.ZoninatorSniff -wpcom_vip_load_plugin( 'zoninator', 'plugins', '0.8' ); // Warning. + + // WordPressVIPMinimum.Constants.ConstantString define( WPCOM_VIP ); // Error. diff --git a/WordPress-VIP-Go/ruleset-test.php b/WordPress-VIP-Go/ruleset-test.php index 694ee5fa..6f37a66a 100644 --- a/WordPress-VIP-Go/ruleset-test.php +++ b/WordPress-VIP-Go/ruleset-test.php @@ -196,7 +196,6 @@ 269 => 1, 273 => 1, 322 => 1, - 326 => 1, 332 => 1, 392 => 1, 394 => 1, diff --git a/WordPressVIPMinimum/Sniffs/Compatibility/ZoninatorSniff.php b/WordPressVIPMinimum/Sniffs/Compatibility/ZoninatorSniff.php deleted file mode 100644 index b773c79b..00000000 --- a/WordPressVIPMinimum/Sniffs/Compatibility/ZoninatorSniff.php +++ /dev/null @@ -1,90 +0,0 @@ -tokens[ $stackPtr ]['content'] !== 'wpcom_vip_load_plugin' ) { - return; - } - - $openBracket = $this->phpcsFile->findNext( Tokens::$emptyTokens, $stackPtr + 1, null, true ); - - if ( $this->tokens[ $openBracket ]['code'] !== T_OPEN_PARENTHESIS ) { - // Not a function call. - return; - } - - $plugin_name = $this->phpcsFile->findNext( Tokens::$emptyTokens, $openBracket + 1, null, true ); - - if ( $this->remove_wrapping_quotation_marks( $this->tokens[ $plugin_name ]['content'] ) !== 'zoninator' ) { - return; - } - - $comma = $this->phpcsFile->findNext( Tokens::$emptyTokens, $plugin_name + 1, null, true ); - - if ( ! $comma || $this->tokens[ $comma ]['code'] !== 'PHPCS_T_COMMA' ) { - // We are loading the default version. - return; - } - - $folder = $this->phpcsFile->findNext( Tokens::$emptyTokens, $comma + 1, null, true ); - - $comma = $this->phpcsFile->findNext( Tokens::$emptyTokens, $folder + 1, null, true ); - - if ( ! $comma || $this->tokens[ $comma ]['code'] !== 'PHPCS_T_COMMA' ) { - // We are loading the default version. - return; - } - - $version = $this->phpcsFile->findNext( Tokens::$emptyTokens, $comma + 1, null, true ); - $version = $this->remove_wrapping_quotation_marks( $this->tokens[ $version ]['content'] ); - - if ( version_compare( $version, '0.8', '>=' ) === true ) { - $message = 'Zoninator of version >= v0.8 requires WordPress core REST API. Please, make sure the `wpcom_vip_load_wp_rest_api()` is being called on all sites loading this file.'; - $this->phpcsFile->addWarning( $message, $stackPtr, 'RequiresRESTAPI' ); - } - } - - /** - * Removes the quotation marks around T_CONSTANT_ENCAPSED_STRING. - * - * @param string $text_string T_CONSTANT_ENCAPSED_STRING containing wrapping quotation marks. - * - * @return string String w/o wrapping quotation marks. - */ - public function remove_wrapping_quotation_marks( $text_string ) { - return trim( str_replace( '"', "'", $text_string ), "'" ); - } -} diff --git a/WordPressVIPMinimum/Tests/Compatibility/ZoninatorUnitTest.inc b/WordPressVIPMinimum/Tests/Compatibility/ZoninatorUnitTest.inc deleted file mode 100644 index f183fd2e..00000000 --- a/WordPressVIPMinimum/Tests/Compatibility/ZoninatorUnitTest.inc +++ /dev/null @@ -1,13 +0,0 @@ - => - */ - public function getErrorList() { - return []; - } - - /** - * Returns the lines where warnings should occur. - * - * @return array => - */ - public function getWarningList() { - return [ - 3 => 1, - 4 => 1, - 5 => 1, - 6 => 1, - ]; - } -} diff --git a/WordPressVIPMinimum/ruleset-test.inc b/WordPressVIPMinimum/ruleset-test.inc index 38617dd0..aaef9969 100644 --- a/WordPressVIPMinimum/ruleset-test.inc +++ b/WordPressVIPMinimum/ruleset-test.inc @@ -278,8 +278,8 @@ class MyWidget extends WP_Widget { // WordPressVIPMinimum.Classes.RestrictedExtendClasses class BadTestClass extends WP_CLI_Command { } // Warning. -// WordPressVIPMinimum.Compatibility.ZoninatorSniff -wpcom_vip_load_plugin( 'zoninator', 'plugins', '0.8' ); // Warning. + + // WordPressVIPMinimum.Constants.ConstantString define( WPCOM_VIP ); // Error. diff --git a/WordPressVIPMinimum/ruleset-test.php b/WordPressVIPMinimum/ruleset-test.php index 58e54c38..0972e481 100644 --- a/WordPressVIPMinimum/ruleset-test.php +++ b/WordPressVIPMinimum/ruleset-test.php @@ -248,7 +248,6 @@ 256 => 1, 264 => 2, 279 => 1, - 282 => 1, 288 => 1, 293 => 1, 294 => 1, From 99d8e04cea8579ea7757cb693a8ecc33c71e2086 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 22 Aug 2023 10:19:01 +0200 Subject: [PATCH 04/42] Composer: require PHPCSUtils By starting to use PHPCSUtils, we make VIPCS less dependent on WordPressCS. It has brings added benefits of more stable, thoroughly tested utility methods, which all support modern PHP. This adds the dependency and updates relevant documentation. Note: I've not changed the GH Actions workflows to add PHPCSUtils to the matrix (yet). Changes to the workflows will be done in a separate commit. --- .github/CONTRIBUTING.md | 1 + .github/ISSUE_TEMPLATE/bug_report.md | 1 + README.md | 3 ++- composer.json | 2 +- tests/bootstrap.php | 3 ++- 5 files changed, 7 insertions(+), 3 deletions(-) diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index 42e7700b..f2651a80 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -64,6 +64,7 @@ When you introduce new `public` sniff properties, or your sniff extends a class ### Pre-requisites * VIP Coding Standards * WordPress-Coding-Standards +* PHPCSUtils 1.x * PHP_CodeSniffer 3.x * PHPUnit 4.x, 5.x, 6.x or 7.x diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md index f68fd0df..c089b1d2 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -44,6 +44,7 @@ Use `php -v` and `composer show` to get versions. | ------------------------ | ------- | PHP version | x.y.z | PHP_CodeSniffer version | x.y.z +| PHPCSUtils version | x.y.z | VIPCS version | x.y.z | WordPressCS version | x.y.z | VariableAnalysis version | x.y.z diff --git a/README.md b/README.md index 6b5c15da..1bcb6465 100644 --- a/README.md +++ b/README.md @@ -17,6 +17,7 @@ Go to https://docs.wpvip.com/technical-references/code-review/phpcs-report/ to l * PHP 5.4+ * [PHPCS 3.7.1+](https://github.com/squizlabs/PHP_CodeSniffer/releases) +* [PHPCSUtils 1.0.8+](https://github.com/PHPCSStandards/PHPCSUtils) * [WPCS 2.3.0+](https://github.com/WordPress-Coding-Standards/WordPress-Coding-Standards/releases) * [VariableAnalysis 2.11.17+](https://github.com/sirbrillig/phpcs-variable-analysis/releases) @@ -34,7 +35,7 @@ composer g config allow-plugins.dealerdirect/phpcodesniffer-composer-installer t composer g require automattic/vipwpcs ``` -This will install the latest compatible versions of PHPCS, WPCS and VariableAnalysis and register the external standards with PHP_CodeSniffer. +This will install the latest compatible versions of PHPCS, PHPCSUtils, WPCS and VariableAnalysis and register the external standards with PHP_CodeSniffer. Please refer to the [installation instructions for installing PHP_CodeSniffer for WordPress.com VIP](https://docs.wpvip.com/how-tos/code-review/php_codesniffer/) for more details. diff --git a/composer.json b/composer.json index 1fc19981..005944eb 100644 --- a/composer.json +++ b/composer.json @@ -17,7 +17,7 @@ ], "require": { "php": ">=5.4", - "dealerdirect/phpcodesniffer-composer-installer": "^0.4.1 || ^0.5 || ^0.6.2 || ^0.7 || ^1.0", + "phpcsstandards/phpcsutils": "^1.0.8", "sirbrillig/phpcs-variable-analysis": "^2.11.17", "squizlabs/php_codesniffer": "^3.7.1", "wp-coding-standards/wpcs": "^2.3" diff --git a/tests/bootstrap.php b/tests/bootstrap.php index bb063fdc..667f58a7 100644 --- a/tests/bootstrap.php +++ b/tests/bootstrap.php @@ -48,7 +48,8 @@ If you use Composer, please run `composer install`. Otherwise, make sure you set a `PHPCS_DIR` environment variable in your phpunit.xml file -pointing to the PHPCS directory. +pointing to the PHPCS directory and that PHPCSUtils is included in the `installed_paths` +for that PHPCS install. Please read the contributors guidelines for more information: https://github.com/Automattic/VIP-Coding-Standards/blob/develop/.github/CONTRIBUTING.md From bf95652182276aab29a060c11f171e0d726ea962 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Mon, 27 Jul 2020 20:06:22 +0200 Subject: [PATCH 05/42] VIPMinimum ruleset: add PHPCSUtils requirement PHPCSUtils does not contain any sniffs, so adding this rule isn't strictly necessary, but by having the rule in the ruleset anyway, if PHPCSUtils is missing, the user will get a descriptive error message during the loading of the ruleset instead of a fatal "class not found" error once the sniffs start running. Adding this only in the `WordPressVIPMinimum` ruleset is sufficient as the `WordPress-VIP-Go` ruleset includes `WordPressVIPMinimum`. --- WordPressVIPMinimum/ruleset.xml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/WordPressVIPMinimum/ruleset.xml b/WordPressVIPMinimum/ruleset.xml index ae8347d4..87394301 100644 --- a/WordPressVIPMinimum/ruleset.xml +++ b/WordPressVIPMinimum/ruleset.xml @@ -1,6 +1,16 @@ WordPress VIP Minimum Coding Standards + + + + From f70d6ac99b5b347fd806f73f4c53fddea842f943 Mon Sep 17 00:00:00 2001 From: Gary Jones Date: Tue, 20 Dec 2022 01:40:24 +0000 Subject: [PATCH 06/42] AbstractVariableRestrictionsSniff: use PHPCSUtils MessageHelper::addMessage This is more tested than the WPCS Sniff::addMessage(). --- .../Sniffs/AbstractVariableRestrictionsSniff.php | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/WordPressVIPMinimum/Sniffs/AbstractVariableRestrictionsSniff.php b/WordPressVIPMinimum/Sniffs/AbstractVariableRestrictionsSniff.php index 89234f2e..1f1b04ee 100644 --- a/WordPressVIPMinimum/Sniffs/AbstractVariableRestrictionsSniff.php +++ b/WordPressVIPMinimum/Sniffs/AbstractVariableRestrictionsSniff.php @@ -9,7 +9,7 @@ namespace WordPressVIPMinimum\Sniffs; -use WordPressVIPMinimum\Sniffs\Sniff; +use PHPCSUtils\Utils\MessageHelper; /** * Restricts usage of some variables. @@ -200,11 +200,13 @@ public function process_token( $stackPtr ) { continue; } - $this->addMessage( + $code = MessageHelper::stringToErrorcode( $groupName . '_' . $match[1] ); + MessageHelper::addMessage( + $this->phpcsFile, $group['message'], $stackPtr, $group['type'] === 'error', - $this->string_to_errorcode( $groupName . '_' . $match[1] ), + $code, [ $var ] ); From 6101474e001ead783af5c0876db36606145cba82 Mon Sep 17 00:00:00 2001 From: Gary Jones Date: Tue, 20 Dec 2022 01:16:36 +0000 Subject: [PATCH 07/42] Sniff::find_array_open_close(): PHPCSUtils version --- .../Sniffs/Hooks/AlwaysReturnInFilterSniff.php | 5 +++-- WordPressVIPMinimum/Sniffs/Hooks/PreGetPostsSniff.php | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/WordPressVIPMinimum/Sniffs/Hooks/AlwaysReturnInFilterSniff.php b/WordPressVIPMinimum/Sniffs/Hooks/AlwaysReturnInFilterSniff.php index 03cc8a78..5c77ba61 100644 --- a/WordPressVIPMinimum/Sniffs/Hooks/AlwaysReturnInFilterSniff.php +++ b/WordPressVIPMinimum/Sniffs/Hooks/AlwaysReturnInFilterSniff.php @@ -7,8 +7,9 @@ namespace WordPressVIPMinimum\Sniffs\Hooks; -use WordPressVIPMinimum\Sniffs\Sniff; use PHP_CodeSniffer\Util\Tokens; +use PHPCSUtils\Utils\Arrays; +use WordPressVIPMinimum\Sniffs\Sniff; /** * This sniff validates that filters always return a value @@ -96,7 +97,7 @@ public function process_token( $stackPtr ) { */ private function processArray( $stackPtr ) { - $open_close = $this->find_array_open_close( $stackPtr ); + $open_close = Arrays::getOpenClose( $this->phpcsFile, $stackPtr ); if ( $open_close === false ) { return; } diff --git a/WordPressVIPMinimum/Sniffs/Hooks/PreGetPostsSniff.php b/WordPressVIPMinimum/Sniffs/Hooks/PreGetPostsSniff.php index ddcf4fac..09ee720c 100644 --- a/WordPressVIPMinimum/Sniffs/Hooks/PreGetPostsSniff.php +++ b/WordPressVIPMinimum/Sniffs/Hooks/PreGetPostsSniff.php @@ -7,8 +7,9 @@ namespace WordPressVIPMinimum\Sniffs\Hooks; -use WordPressVIPMinimum\Sniffs\Sniff; use PHP_CodeSniffer\Util\Tokens; +use PHPCSUtils\Utils\Arrays; +use WordPressVIPMinimum\Sniffs\Sniff; /** * This sniff validates a proper usage of pre_get_posts action callback. @@ -97,7 +98,7 @@ public function process_token( $stackPtr ) { */ private function processArray( $stackPtr ) { - $open_close = $this->find_array_open_close( $stackPtr ); + $open_close = Arrays::getOpenClose( $this->phpcsFile, $stackPtr ); if ( $open_close === false ) { return; } From 08ab57d26d197990efd9f4e8d602e574d3fbb548 Mon Sep 17 00:00:00 2001 From: Gary Jones Date: Tue, 20 Dec 2022 01:20:47 +0000 Subject: [PATCH 08/42] Sniff::get_function_call_parameter(): PHPCSUtils --- WordPressVIPMinimum/Sniffs/Constants/ConstantStringSniff.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/WordPressVIPMinimum/Sniffs/Constants/ConstantStringSniff.php b/WordPressVIPMinimum/Sniffs/Constants/ConstantStringSniff.php index 1cb40e9b..d0a2fb61 100644 --- a/WordPressVIPMinimum/Sniffs/Constants/ConstantStringSniff.php +++ b/WordPressVIPMinimum/Sniffs/Constants/ConstantStringSniff.php @@ -8,8 +8,9 @@ namespace WordPressVIPMinimum\Sniffs\Constants; -use WordPressVIPMinimum\Sniffs\Sniff; use PHP_CodeSniffer\Util\Tokens; +use PHPCSUtils\Utils\PassedParameters; +use WordPressVIPMinimum\Sniffs\Sniff; /** * Sniff for properly using constant name when checking whether a constant is defined. @@ -55,7 +56,7 @@ public function process_token( $stackPtr ) { return; } - $param = $this->get_function_call_parameter( $stackPtr, 1 ); + $param = PassedParameters::getParameter( $this->phpcsFile, $stackPtr, 1, 'constant_name' ); if ( $param === false ) { // Target parameter not found. return; From 9c8d98b4f7eb5e6f331e7d428310b5eef58f2dbe Mon Sep 17 00:00:00 2001 From: Gary Jones Date: Tue, 20 Dec 2022 01:13:33 +0000 Subject: [PATCH 09/42] Sniff::strip_quotes(): use PHPCSUtils version --- WordPressVIPMinimum/Sniffs/Functions/DynamicCallsSniff.php | 3 ++- .../Sniffs/Performance/LowExpiryCacheTimeSniff.php | 3 ++- .../Sniffs/Security/ProperEscapingFunctionSniff.php | 5 +++-- WordPressVIPMinimum/Sniffs/Security/UnderscorejsSniff.php | 5 +++-- .../Sniffs/UserExperience/AdminBarRemovalSniff.php | 5 +++-- 5 files changed, 13 insertions(+), 8 deletions(-) diff --git a/WordPressVIPMinimum/Sniffs/Functions/DynamicCallsSniff.php b/WordPressVIPMinimum/Sniffs/Functions/DynamicCallsSniff.php index c069696f..ca2f2acc 100644 --- a/WordPressVIPMinimum/Sniffs/Functions/DynamicCallsSniff.php +++ b/WordPressVIPMinimum/Sniffs/Functions/DynamicCallsSniff.php @@ -8,6 +8,7 @@ namespace WordPressVIPMinimum\Sniffs\Functions; use PHP_CodeSniffer\Util\Tokens; +use PHPCSUtils\Utils\TextStrings; use WordPressVIPMinimum\Sniffs\Sniff; /** @@ -139,7 +140,7 @@ private function collect_variables() { * If we reached the end of the loop and the $value_ptr was set, we know for sure * this was a plain text string variable assignment. */ - $current_var_value = $this->strip_quotes( $this->tokens[ $value_ptr ]['content'] ); + $current_var_value = TextStrings::stripQuotes( $this->tokens[ $value_ptr ]['content'] ); if ( isset( $this->disallowed_functions[ $current_var_value ] ) === false ) { // Text string is not one of the ones we're looking for. diff --git a/WordPressVIPMinimum/Sniffs/Performance/LowExpiryCacheTimeSniff.php b/WordPressVIPMinimum/Sniffs/Performance/LowExpiryCacheTimeSniff.php index 7bc8ca32..54f2b19c 100644 --- a/WordPressVIPMinimum/Sniffs/Performance/LowExpiryCacheTimeSniff.php +++ b/WordPressVIPMinimum/Sniffs/Performance/LowExpiryCacheTimeSniff.php @@ -8,6 +8,7 @@ namespace WordPressVIPMinimum\Sniffs\Performance; use PHP_CodeSniffer\Util\Tokens; +use PHPCSUtils\Utils\TextStrings; use WordPressCS\WordPress\AbstractFunctionParameterSniff; /** @@ -149,7 +150,7 @@ public function process_parameters( $stackPtr, $group_name, $matched_content, $p } if ( $this->tokens[ $i ]['code'] === T_CONSTANT_ENCAPSED_STRING ) { - $content = $this->strip_quotes( $this->tokens[ $i ]['content'] ); + $content = TextStrings::stripQuotes( $this->tokens[ $i ]['content'] ); if ( is_numeric( $content ) === true ) { $tokensAsString .= $content; continue; diff --git a/WordPressVIPMinimum/Sniffs/Security/ProperEscapingFunctionSniff.php b/WordPressVIPMinimum/Sniffs/Security/ProperEscapingFunctionSniff.php index 416ae604..5548c865 100644 --- a/WordPressVIPMinimum/Sniffs/Security/ProperEscapingFunctionSniff.php +++ b/WordPressVIPMinimum/Sniffs/Security/ProperEscapingFunctionSniff.php @@ -8,8 +8,9 @@ namespace WordPressVIPMinimum\Sniffs\Security; -use WordPressVIPMinimum\Sniffs\Sniff; use PHP_CodeSniffer\Util\Tokens; +use PHPCSUtils\Utils\TextStrings; +use WordPressVIPMinimum\Sniffs\Sniff; /** * Checks whether proper escaping function is used. @@ -195,7 +196,7 @@ public function process_token( $stackPtr ) { $content = $this->tokens[ $html ]['content']; if ( isset( Tokens::$stringTokens[ $this->tokens[ $html ]['code'] ] ) === true ) { - $content = Sniff::strip_quotes( $content ); + $content = TextStrings::stripQuotes( $content ); } $escaping_type = $this->escaping_functions[ $function_name ]; diff --git a/WordPressVIPMinimum/Sniffs/Security/UnderscorejsSniff.php b/WordPressVIPMinimum/Sniffs/Security/UnderscorejsSniff.php index b15114ea..f76e773e 100644 --- a/WordPressVIPMinimum/Sniffs/Security/UnderscorejsSniff.php +++ b/WordPressVIPMinimum/Sniffs/Security/UnderscorejsSniff.php @@ -9,6 +9,7 @@ namespace WordPressVIPMinimum\Sniffs\Security; use PHP_CodeSniffer\Util\Tokens; +use PHPCSUtils\Utils\TextStrings; use WordPressVIPMinimum\Sniffs\Sniff; /** @@ -72,7 +73,7 @@ public function process_token( $stackPtr ) { /* * Ignore Gruntfile.js files as they are configuration, not code. */ - $file_name = $this->strip_quotes( $this->phpcsFile->getFileName() ); + $file_name = TextStrings::stripQuotes( $this->phpcsFile->getFileName() ); $file_name = strtolower( basename( $file_name ) ); if ( $file_name === 'gruntfile.js' ) { @@ -120,7 +121,7 @@ public function process_token( $stackPtr ) { return; } - $content = $this->strip_quotes( $this->tokens[ $stackPtr ]['content'] ); + $content = TextStrings::stripQuotes( $this->tokens[ $stackPtr ]['content'] ); $match_count = preg_match_all( self::UNESCAPED_INTERPOLATE_REGEX, $content, $matches ); if ( $match_count > 0 ) { diff --git a/WordPressVIPMinimum/Sniffs/UserExperience/AdminBarRemovalSniff.php b/WordPressVIPMinimum/Sniffs/UserExperience/AdminBarRemovalSniff.php index 6d95cb34..7830e2db 100644 --- a/WordPressVIPMinimum/Sniffs/UserExperience/AdminBarRemovalSniff.php +++ b/WordPressVIPMinimum/Sniffs/UserExperience/AdminBarRemovalSniff.php @@ -9,6 +9,7 @@ namespace WordPressVIPMinimum\Sniffs\UserExperience; +use PHPCSUtils\Utils\TextStrings; use WordPressCS\WordPress\AbstractFunctionParameterSniff; use PHP_CodeSniffer\Util\Tokens; @@ -208,13 +209,13 @@ public function process_parameters( $stackPtr, $group_name, $matched_content, $p break; case 'add_filter': - $filter_name = $this->strip_quotes( $parameters[1]['raw'] ); + $filter_name = TextStrings::stripQuotes( $parameters[1]['raw'] ); if ( $filter_name !== 'show_admin_bar' ) { break; } $error = true; - if ( $this->remove_only === true && isset( $parameters[2]['raw'] ) && $this->strip_quotes( $parameters[2]['raw'] ) === '__return_true' ) { + if ( $this->remove_only === true && isset( $parameters[2]['raw'] ) && TextStrings::stripQuotes( $parameters[2]['raw'] ) === '__return_true' ) { $error = false; } break; From c00cb4f983013b4637444d83e43627b768f70538 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 22 Aug 2023 14:52:21 +0200 Subject: [PATCH 10/42] Classes/DeclarationCompatibility: use PHPCSUtils to retrieve class/method names --- .../Sniffs/Classes/DeclarationCompatibilitySniff.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/WordPressVIPMinimum/Sniffs/Classes/DeclarationCompatibilitySniff.php b/WordPressVIPMinimum/Sniffs/Classes/DeclarationCompatibilitySniff.php index 9c76bd25..6f8745f0 100644 --- a/WordPressVIPMinimum/Sniffs/Classes/DeclarationCompatibilitySniff.php +++ b/WordPressVIPMinimum/Sniffs/Classes/DeclarationCompatibilitySniff.php @@ -9,6 +9,8 @@ use PHP_CodeSniffer\Files\File; use PHP_CodeSniffer\Sniffs\AbstractScopeSniff; +use PHPCSUtils\Utils\FunctionDeclarations; +use PHPCSUtils\Utils\ObjectDeclarations; /** * Class WordPressVIPMinimum_Sniffs_Classes_DeclarationCompatibilitySniff @@ -201,13 +203,13 @@ public function __construct() { */ protected function processTokenWithinScope( File $phpcsFile, $stackPtr, $currScope ) { - $className = $phpcsFile->getDeclarationName( $currScope ); + $className = ObjectDeclarations::getName( $phpcsFile, $currScope ); if ( $className !== $this->currentClass ) { $this->currentClass = $className; } - $methodName = $phpcsFile->getDeclarationName( $stackPtr ); + $methodName = FunctionDeclarations::getName( $phpcsFile, $stackPtr ); $parentClassName = $phpcsFile->findExtendedClassName( $currScope ); if ( $parentClassName === false ) { From 51faf2d01b57e02578d9831b2df337dc4fa3de58 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 22 Aug 2023 14:54:06 +0200 Subject: [PATCH 11/42] Classes/DeclarationCompatibility: use PHPCSUtils to retrieve function parameters --- .../Sniffs/Classes/DeclarationCompatibilitySniff.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/WordPressVIPMinimum/Sniffs/Classes/DeclarationCompatibilitySniff.php b/WordPressVIPMinimum/Sniffs/Classes/DeclarationCompatibilitySniff.php index 6f8745f0..200facc4 100644 --- a/WordPressVIPMinimum/Sniffs/Classes/DeclarationCompatibilitySniff.php +++ b/WordPressVIPMinimum/Sniffs/Classes/DeclarationCompatibilitySniff.php @@ -244,7 +244,7 @@ protected function processTokenWithinScope( File $phpcsFile, $stackPtr, $currSco return; } - $signatureParams = $phpcsFile->getMethodParameters( $stackPtr ); + $signatureParams = FunctionDeclarations::getParameters( $phpcsFile, $stackPtr ); $parentSignature = $this->checkClasses[ $parentClassName ][ $methodName ]; From 8e4c149bdf7b57acdbcd16aa6fdb75024edef4d4 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 22 Aug 2023 14:55:37 +0200 Subject: [PATCH 12/42] Hooks/AlwaysReturnInFilter: use PHPCSUtils to retrieve function declaration info --- WordPressVIPMinimum/Sniffs/Hooks/AlwaysReturnInFilterSniff.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/WordPressVIPMinimum/Sniffs/Hooks/AlwaysReturnInFilterSniff.php b/WordPressVIPMinimum/Sniffs/Hooks/AlwaysReturnInFilterSniff.php index 5c77ba61..f3544e6b 100644 --- a/WordPressVIPMinimum/Sniffs/Hooks/AlwaysReturnInFilterSniff.php +++ b/WordPressVIPMinimum/Sniffs/Hooks/AlwaysReturnInFilterSniff.php @@ -9,6 +9,7 @@ use PHP_CodeSniffer\Util\Tokens; use PHPCSUtils\Utils\Arrays; +use PHPCSUtils\Utils\FunctionDeclarations; use WordPressVIPMinimum\Sniffs\Sniff; /** @@ -186,7 +187,7 @@ private function processFunctionBody( $stackPtr ) { $filterName = $this->tokens[ $this->filterNamePtr ]['content']; - $methodProps = $this->phpcsFile->getMethodProperties( $stackPtr ); + $methodProps = FunctionDeclarations::getProperties( $this->phpcsFile, $stackPtr ); if ( $methodProps['is_abstract'] === true ) { $message = 'The callback for the `%s` filter hook-in points to an abstract method. Please ensure that child class implementations of this method always return a value.'; $data = [ $filterName ]; From 4fdb103b732a3a1024ef11f071f11cbe9877ccc6 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 22 Aug 2023 15:07:38 +0200 Subject: [PATCH 13/42] UserExperience/AdminBarRemoval: use PHPCSUtils for retrieving tokens as string --- .../Sniffs/UserExperience/AdminBarRemovalSniff.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/WordPressVIPMinimum/Sniffs/UserExperience/AdminBarRemovalSniff.php b/WordPressVIPMinimum/Sniffs/UserExperience/AdminBarRemovalSniff.php index 7830e2db..20c1d853 100644 --- a/WordPressVIPMinimum/Sniffs/UserExperience/AdminBarRemovalSniff.php +++ b/WordPressVIPMinimum/Sniffs/UserExperience/AdminBarRemovalSniff.php @@ -9,6 +9,7 @@ namespace WordPressVIPMinimum\Sniffs\UserExperience; +use PHPCSUtils\Utils\GetTokensAsString; use PHPCSUtils\Utils\TextStrings; use WordPressCS\WordPress\AbstractFunctionParameterSniff; use PHP_CodeSniffer\Util\Tokens; @@ -344,7 +345,7 @@ protected function process_css_style( $stackPtr ) { } } $start = ( $i + 1 ); - $selector = trim( $this->phpcsFile->getTokensAsString( $start, $opener - $start ) ); + $selector = trim( GetTokensAsString::normal( $this->phpcsFile, $start, ( $opener - 1 ) ) ); unset( $i ); foreach ( $this->target_css_selectors as $target_selector ) { From 4b5b0774d3c6283dc11be3faedabeb7aab319a58 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 22 Aug 2023 15:10:45 +0200 Subject: [PATCH 14/42] AbstractVariableRestrictions: use PHPCSUtils for retrieving tokens as string --- .../Sniffs/AbstractVariableRestrictionsSniff.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/WordPressVIPMinimum/Sniffs/AbstractVariableRestrictionsSniff.php b/WordPressVIPMinimum/Sniffs/AbstractVariableRestrictionsSniff.php index 1f1b04ee..61d3ed7d 100644 --- a/WordPressVIPMinimum/Sniffs/AbstractVariableRestrictionsSniff.php +++ b/WordPressVIPMinimum/Sniffs/AbstractVariableRestrictionsSniff.php @@ -9,6 +9,7 @@ namespace WordPressVIPMinimum\Sniffs; +use PHPCSUtils\Utils\GetTokensAsString; use PHPCSUtils\Utils\MessageHelper; /** @@ -179,7 +180,7 @@ public function process_token( $stackPtr ) { if ( isset( $token['bracket_closer'] ) ) { $owner = $this->phpcsFile->findPrevious( \T_VARIABLE, $stackPtr ); - $inside = $this->phpcsFile->getTokensAsString( $stackPtr, $token['bracket_closer'] - $stackPtr + 1 ); + $inside = GetTokensAsString::normal( $this->phpcsFile, $stackPtr, $token['bracket_closer'] ); $var = implode( '', [ $this->tokens[ $owner ]['content'], $inside ] ); } } From d0e14efef7603ce4fc74a422cc8f1c0f897e8d4e Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 22 Aug 2023 15:14:57 +0200 Subject: [PATCH 15/42] Use PHPCSUtils BackCompat for find[Start|End]ofStatement() --- WordPressVIPMinimum/Sniffs/Files/IncludingNonPHPFileSniff.php | 3 ++- .../Sniffs/Security/ProperEscapingFunctionSniff.php | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/WordPressVIPMinimum/Sniffs/Files/IncludingNonPHPFileSniff.php b/WordPressVIPMinimum/Sniffs/Files/IncludingNonPHPFileSniff.php index 5165f36c..09ec5081 100644 --- a/WordPressVIPMinimum/Sniffs/Files/IncludingNonPHPFileSniff.php +++ b/WordPressVIPMinimum/Sniffs/Files/IncludingNonPHPFileSniff.php @@ -9,6 +9,7 @@ use WordPressVIPMinimum\Sniffs\Sniff; use PHP_CodeSniffer\Util\Tokens; +use PHPCSUtils\BackCompat\BCFile; /** * Ensure that non-PHP files are included via `file_get_contents()` instead of using `include/require[_once]`. @@ -59,7 +60,7 @@ public function register() { * @return void */ public function process_token( $stackPtr ) { - $end_of_statement = $this->phpcsFile->findEndOfStatement( $stackPtr ); + $end_of_statement = BCFile::findEndOfStatement( $this->phpcsFile, $stackPtr ); $curStackPtr = ( $end_of_statement + 1 ); do { diff --git a/WordPressVIPMinimum/Sniffs/Security/ProperEscapingFunctionSniff.php b/WordPressVIPMinimum/Sniffs/Security/ProperEscapingFunctionSniff.php index 5548c865..1341e590 100644 --- a/WordPressVIPMinimum/Sniffs/Security/ProperEscapingFunctionSniff.php +++ b/WordPressVIPMinimum/Sniffs/Security/ProperEscapingFunctionSniff.php @@ -9,6 +9,7 @@ namespace WordPressVIPMinimum\Sniffs\Security; use PHP_CodeSniffer\Util\Tokens; +use PHPCSUtils\BackCompat\BCFile; use PHPCSUtils\Utils\TextStrings; use WordPressVIPMinimum\Sniffs\Sniff; @@ -179,7 +180,7 @@ public function process_token( $stackPtr ) { if ( $this->in_short_echo !== false ) { $ignore[ T_COMMA ] = T_COMMA; } else { - $start_of_statement = $this->phpcsFile->findStartOfStatement( $stackPtr, T_COMMA ); + $start_of_statement = BCFile::findStartOfStatement( $this->phpcsFile, $stackPtr, T_COMMA ); if ( $this->tokens[ $start_of_statement ]['code'] === T_ECHO ) { $ignore[ T_COMMA ] = T_COMMA; } From 02888e6a8bf66c12f3f594ad97336309d70a7221 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 22 Aug 2023 15:16:25 +0200 Subject: [PATCH 16/42] Classes/DeclarationCompatibility: use PHPCSUtils for retrieving name of extended class --- .../Sniffs/Classes/DeclarationCompatibilitySniff.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/WordPressVIPMinimum/Sniffs/Classes/DeclarationCompatibilitySniff.php b/WordPressVIPMinimum/Sniffs/Classes/DeclarationCompatibilitySniff.php index 200facc4..a1e80c97 100644 --- a/WordPressVIPMinimum/Sniffs/Classes/DeclarationCompatibilitySniff.php +++ b/WordPressVIPMinimum/Sniffs/Classes/DeclarationCompatibilitySniff.php @@ -211,7 +211,7 @@ protected function processTokenWithinScope( File $phpcsFile, $stackPtr, $currSco $methodName = FunctionDeclarations::getName( $phpcsFile, $stackPtr ); - $parentClassName = $phpcsFile->findExtendedClassName( $currScope ); + $parentClassName = ObjectDeclarations::findExtendedClassName( $phpcsFile, $currScope ); if ( $parentClassName === false ) { // This class does not extend any other class. return; From 5eabb29b57738c5990f0d0fe436088ce6ccd2320 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Mon, 27 Jul 2020 21:10:50 +0200 Subject: [PATCH 17/42] Sniff: use an import `use` statement --- WordPressVIPMinimum/Sniffs/Sniff.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/WordPressVIPMinimum/Sniffs/Sniff.php b/WordPressVIPMinimum/Sniffs/Sniff.php index dfad0381..0f4c9c40 100644 --- a/WordPressVIPMinimum/Sniffs/Sniff.php +++ b/WordPressVIPMinimum/Sniffs/Sniff.php @@ -9,6 +9,8 @@ namespace WordPressVIPMinimum\Sniffs; +use WordPressCS\WordPress\Sniff as WPCS_Sniff; + /** * Represents a WordPress\Sniff for sniffing VIP coding standards. * @@ -16,5 +18,5 @@ * * @package VIPCS\WordPressVIPMinimum */ -abstract class Sniff extends \WordPressCS\WordPress\Sniff { +abstract class Sniff extends WPCS_Sniff { } From abca2e664deeb0901b1de93c4b4328e49e5f1f13 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Wed, 23 Aug 2023 18:15:12 +0200 Subject: [PATCH 18/42] CS: use alphabetically ordered import use statements --- .../Sniffs/Constants/RestrictedConstantsSniff.php | 2 +- WordPressVIPMinimum/Sniffs/Files/IncludingFileSniff.php | 2 +- WordPressVIPMinimum/Sniffs/Files/IncludingNonPHPFileSniff.php | 2 +- WordPressVIPMinimum/Sniffs/Functions/CheckReturnValueSniff.php | 2 +- .../Sniffs/Functions/RestrictedFunctionsSniff.php | 2 +- WordPressVIPMinimum/Sniffs/JS/DangerouslySetInnerHTMLSniff.php | 2 +- WordPressVIPMinimum/Sniffs/JS/HTMLExecutingFunctionsSniff.php | 2 +- WordPressVIPMinimum/Sniffs/JS/InnerHTMLSniff.php | 2 +- WordPressVIPMinimum/Sniffs/JS/StringConcatSniff.php | 2 +- WordPressVIPMinimum/Sniffs/JS/StrippingTagsSniff.php | 2 +- WordPressVIPMinimum/Sniffs/JS/WindowSniff.php | 2 +- .../Sniffs/Performance/CacheValueOverrideSniff.php | 2 +- .../Sniffs/Performance/FetchingRemoteDataSniff.php | 2 +- .../Sniffs/Performance/TaxonomyMetaInOptionsSniff.php | 2 +- WordPressVIPMinimum/Sniffs/Performance/WPQueryParamsSniff.php | 2 +- .../Sniffs/Security/EscapingVoidReturnFunctionsSniff.php | 2 +- WordPressVIPMinimum/Sniffs/Security/ExitAfterRedirectSniff.php | 2 +- WordPressVIPMinimum/Sniffs/Security/StaticStrreplaceSniff.php | 2 +- .../Sniffs/UserExperience/AdminBarRemovalSniff.php | 2 +- 19 files changed, 19 insertions(+), 19 deletions(-) diff --git a/WordPressVIPMinimum/Sniffs/Constants/RestrictedConstantsSniff.php b/WordPressVIPMinimum/Sniffs/Constants/RestrictedConstantsSniff.php index 92d1f7dc..b6507a2d 100644 --- a/WordPressVIPMinimum/Sniffs/Constants/RestrictedConstantsSniff.php +++ b/WordPressVIPMinimum/Sniffs/Constants/RestrictedConstantsSniff.php @@ -8,8 +8,8 @@ namespace WordPressVIPMinimum\Sniffs\Constants; -use WordPressVIPMinimum\Sniffs\Sniff; use PHP_CodeSniffer\Util\Tokens; +use WordPressVIPMinimum\Sniffs\Sniff; /** * Restricts usage of some constants. diff --git a/WordPressVIPMinimum/Sniffs/Files/IncludingFileSniff.php b/WordPressVIPMinimum/Sniffs/Files/IncludingFileSniff.php index ded0a4ed..14fce7c9 100644 --- a/WordPressVIPMinimum/Sniffs/Files/IncludingFileSniff.php +++ b/WordPressVIPMinimum/Sniffs/Files/IncludingFileSniff.php @@ -7,8 +7,8 @@ namespace WordPressVIPMinimum\Sniffs\Files; -use WordPressCS\WordPress\AbstractFunctionRestrictionsSniff; use PHP_CodeSniffer\Util\Tokens; +use WordPressCS\WordPress\AbstractFunctionRestrictionsSniff; /** * WordPressVIPMinimum_Sniffs_Files_IncludingFileSniff. diff --git a/WordPressVIPMinimum/Sniffs/Files/IncludingNonPHPFileSniff.php b/WordPressVIPMinimum/Sniffs/Files/IncludingNonPHPFileSniff.php index 09ec5081..4b32b17c 100644 --- a/WordPressVIPMinimum/Sniffs/Files/IncludingNonPHPFileSniff.php +++ b/WordPressVIPMinimum/Sniffs/Files/IncludingNonPHPFileSniff.php @@ -7,9 +7,9 @@ namespace WordPressVIPMinimum\Sniffs\Files; -use WordPressVIPMinimum\Sniffs\Sniff; use PHP_CodeSniffer\Util\Tokens; use PHPCSUtils\BackCompat\BCFile; +use WordPressVIPMinimum\Sniffs\Sniff; /** * Ensure that non-PHP files are included via `file_get_contents()` instead of using `include/require[_once]`. diff --git a/WordPressVIPMinimum/Sniffs/Functions/CheckReturnValueSniff.php b/WordPressVIPMinimum/Sniffs/Functions/CheckReturnValueSniff.php index 20f4bfeb..5eb40b2f 100644 --- a/WordPressVIPMinimum/Sniffs/Functions/CheckReturnValueSniff.php +++ b/WordPressVIPMinimum/Sniffs/Functions/CheckReturnValueSniff.php @@ -7,8 +7,8 @@ namespace WordPressVIPMinimum\Sniffs\Functions; -use WordPressVIPMinimum\Sniffs\Sniff; use PHP_CodeSniffer\Util\Tokens; +use WordPressVIPMinimum\Sniffs\Sniff; /** * This sniff enforces checking the return value of a function before passing it to another one. diff --git a/WordPressVIPMinimum/Sniffs/Functions/RestrictedFunctionsSniff.php b/WordPressVIPMinimum/Sniffs/Functions/RestrictedFunctionsSniff.php index 026f7e0d..c37a3ab9 100644 --- a/WordPressVIPMinimum/Sniffs/Functions/RestrictedFunctionsSniff.php +++ b/WordPressVIPMinimum/Sniffs/Functions/RestrictedFunctionsSniff.php @@ -7,8 +7,8 @@ namespace WordPressVIPMinimum\Sniffs\Functions; -use WordPressCS\WordPress\AbstractFunctionRestrictionsSniff; use PHP_CodeSniffer\Util\Tokens; +use WordPressCS\WordPress\AbstractFunctionRestrictionsSniff; /** * Restricts usage of some functions in VIP context. diff --git a/WordPressVIPMinimum/Sniffs/JS/DangerouslySetInnerHTMLSniff.php b/WordPressVIPMinimum/Sniffs/JS/DangerouslySetInnerHTMLSniff.php index c06e1ef7..f2f5123a 100644 --- a/WordPressVIPMinimum/Sniffs/JS/DangerouslySetInnerHTMLSniff.php +++ b/WordPressVIPMinimum/Sniffs/JS/DangerouslySetInnerHTMLSniff.php @@ -7,8 +7,8 @@ namespace WordPressVIPMinimum\Sniffs\JS; -use WordPressVIPMinimum\Sniffs\Sniff; use PHP_CodeSniffer\Util\Tokens; +use WordPressVIPMinimum\Sniffs\Sniff; /** * WordPressVIPMinimum_Sniffs_JS_DangerouslySetInnerHTMLSniff. diff --git a/WordPressVIPMinimum/Sniffs/JS/HTMLExecutingFunctionsSniff.php b/WordPressVIPMinimum/Sniffs/JS/HTMLExecutingFunctionsSniff.php index 4e76fbfa..b0c60225 100644 --- a/WordPressVIPMinimum/Sniffs/JS/HTMLExecutingFunctionsSniff.php +++ b/WordPressVIPMinimum/Sniffs/JS/HTMLExecutingFunctionsSniff.php @@ -7,8 +7,8 @@ namespace WordPressVIPMinimum\Sniffs\JS; -use WordPressVIPMinimum\Sniffs\Sniff; use PHP_CodeSniffer\Util\Tokens; +use WordPressVIPMinimum\Sniffs\Sniff; /** * WordPressVIPMinimum_Sniffs_JS_HTMLExecutingFunctions. diff --git a/WordPressVIPMinimum/Sniffs/JS/InnerHTMLSniff.php b/WordPressVIPMinimum/Sniffs/JS/InnerHTMLSniff.php index b9f96abc..a46e3504 100644 --- a/WordPressVIPMinimum/Sniffs/JS/InnerHTMLSniff.php +++ b/WordPressVIPMinimum/Sniffs/JS/InnerHTMLSniff.php @@ -7,8 +7,8 @@ namespace WordPressVIPMinimum\Sniffs\JS; -use WordPressVIPMinimum\Sniffs\Sniff; use PHP_CodeSniffer\Util\Tokens; +use WordPressVIPMinimum\Sniffs\Sniff; /** * WordPressVIPMinimum_Sniffs_JS_InnerHTMLSniff. diff --git a/WordPressVIPMinimum/Sniffs/JS/StringConcatSniff.php b/WordPressVIPMinimum/Sniffs/JS/StringConcatSniff.php index 4266921b..06247d37 100644 --- a/WordPressVIPMinimum/Sniffs/JS/StringConcatSniff.php +++ b/WordPressVIPMinimum/Sniffs/JS/StringConcatSniff.php @@ -7,8 +7,8 @@ namespace WordPressVIPMinimum\Sniffs\JS; -use WordPressVIPMinimum\Sniffs\Sniff; use PHP_CodeSniffer\Util\Tokens; +use WordPressVIPMinimum\Sniffs\Sniff; /** * WordPressVIPMinimum_Sniffs_JS_StringConcatSniff. diff --git a/WordPressVIPMinimum/Sniffs/JS/StrippingTagsSniff.php b/WordPressVIPMinimum/Sniffs/JS/StrippingTagsSniff.php index 21417e69..86607d3e 100644 --- a/WordPressVIPMinimum/Sniffs/JS/StrippingTagsSniff.php +++ b/WordPressVIPMinimum/Sniffs/JS/StrippingTagsSniff.php @@ -7,8 +7,8 @@ namespace WordPressVIPMinimum\Sniffs\JS; -use WordPressVIPMinimum\Sniffs\Sniff; use PHP_CodeSniffer\Util\Tokens; +use WordPressVIPMinimum\Sniffs\Sniff; /** * WordPressVIPMinimum_Sniffs_JS_StrippingTagsSniff. diff --git a/WordPressVIPMinimum/Sniffs/JS/WindowSniff.php b/WordPressVIPMinimum/Sniffs/JS/WindowSniff.php index c1389176..20e270d0 100644 --- a/WordPressVIPMinimum/Sniffs/JS/WindowSniff.php +++ b/WordPressVIPMinimum/Sniffs/JS/WindowSniff.php @@ -7,8 +7,8 @@ namespace WordPressVIPMinimum\Sniffs\JS; -use WordPressVIPMinimum\Sniffs\Sniff; use PHP_CodeSniffer\Util\Tokens; +use WordPressVIPMinimum\Sniffs\Sniff; /** * WordPressVIPMinimum_Sniffs_JS_WindowSniff. diff --git a/WordPressVIPMinimum/Sniffs/Performance/CacheValueOverrideSniff.php b/WordPressVIPMinimum/Sniffs/Performance/CacheValueOverrideSniff.php index e47fa9d9..01141511 100644 --- a/WordPressVIPMinimum/Sniffs/Performance/CacheValueOverrideSniff.php +++ b/WordPressVIPMinimum/Sniffs/Performance/CacheValueOverrideSniff.php @@ -7,8 +7,8 @@ namespace WordPressVIPMinimum\Sniffs\Performance; -use WordPressVIPMinimum\Sniffs\Sniff; use PHP_CodeSniffer\Util\Tokens; +use WordPressVIPMinimum\Sniffs\Sniff; /** * This sniff check whether a cached value is being overridden. diff --git a/WordPressVIPMinimum/Sniffs/Performance/FetchingRemoteDataSniff.php b/WordPressVIPMinimum/Sniffs/Performance/FetchingRemoteDataSniff.php index 4aca7b80..b3387357 100644 --- a/WordPressVIPMinimum/Sniffs/Performance/FetchingRemoteDataSniff.php +++ b/WordPressVIPMinimum/Sniffs/Performance/FetchingRemoteDataSniff.php @@ -8,8 +8,8 @@ namespace WordPressVIPMinimum\Sniffs\Performance; -use WordPressVIPMinimum\Sniffs\Sniff; use PHP_CodeSniffer\Util\Tokens; +use WordPressVIPMinimum\Sniffs\Sniff; /** * Restricts usage of file_get_contents(). diff --git a/WordPressVIPMinimum/Sniffs/Performance/TaxonomyMetaInOptionsSniff.php b/WordPressVIPMinimum/Sniffs/Performance/TaxonomyMetaInOptionsSniff.php index c9c815be..e47279a3 100644 --- a/WordPressVIPMinimum/Sniffs/Performance/TaxonomyMetaInOptionsSniff.php +++ b/WordPressVIPMinimum/Sniffs/Performance/TaxonomyMetaInOptionsSniff.php @@ -8,8 +8,8 @@ namespace WordPressVIPMinimum\Sniffs\Performance; -use WordPressVIPMinimum\Sniffs\Sniff; use PHP_CodeSniffer\Util\Tokens; +use WordPressVIPMinimum\Sniffs\Sniff; /** * Restricts the implementation of taxonomy term meta via options. diff --git a/WordPressVIPMinimum/Sniffs/Performance/WPQueryParamsSniff.php b/WordPressVIPMinimum/Sniffs/Performance/WPQueryParamsSniff.php index 78da5329..e9cabca4 100644 --- a/WordPressVIPMinimum/Sniffs/Performance/WPQueryParamsSniff.php +++ b/WordPressVIPMinimum/Sniffs/Performance/WPQueryParamsSniff.php @@ -8,8 +8,8 @@ namespace WordPressVIPMinimum\Sniffs\Performance; -use WordPressCS\WordPress\AbstractArrayAssignmentRestrictionsSniff; use PHP_CodeSniffer\Util\Tokens; +use WordPressCS\WordPress\AbstractArrayAssignmentRestrictionsSniff; /** * Flag suspicious WP_Query and get_posts params. diff --git a/WordPressVIPMinimum/Sniffs/Security/EscapingVoidReturnFunctionsSniff.php b/WordPressVIPMinimum/Sniffs/Security/EscapingVoidReturnFunctionsSniff.php index 7a27a6c9..e9fbc0c3 100644 --- a/WordPressVIPMinimum/Sniffs/Security/EscapingVoidReturnFunctionsSniff.php +++ b/WordPressVIPMinimum/Sniffs/Security/EscapingVoidReturnFunctionsSniff.php @@ -8,8 +8,8 @@ namespace WordPressVIPMinimum\Sniffs\Security; -use WordPressVIPMinimum\Sniffs\Sniff; use PHP_CodeSniffer\Util\Tokens; +use WordPressVIPMinimum\Sniffs\Sniff; /** * Flag functions that don't return anything, yet are wrapped in an escaping function call. diff --git a/WordPressVIPMinimum/Sniffs/Security/ExitAfterRedirectSniff.php b/WordPressVIPMinimum/Sniffs/Security/ExitAfterRedirectSniff.php index dfacc425..84aa9a01 100644 --- a/WordPressVIPMinimum/Sniffs/Security/ExitAfterRedirectSniff.php +++ b/WordPressVIPMinimum/Sniffs/Security/ExitAfterRedirectSniff.php @@ -8,8 +8,8 @@ namespace WordPressVIPMinimum\Sniffs\Security; -use WordPressVIPMinimum\Sniffs\Sniff; use PHP_CodeSniffer\Util\Tokens; +use WordPressVIPMinimum\Sniffs\Sniff; /** * Require `exit;` being called after wp_redirect and wp_safe_redirect. diff --git a/WordPressVIPMinimum/Sniffs/Security/StaticStrreplaceSniff.php b/WordPressVIPMinimum/Sniffs/Security/StaticStrreplaceSniff.php index 3d57edcc..7d754a5e 100644 --- a/WordPressVIPMinimum/Sniffs/Security/StaticStrreplaceSniff.php +++ b/WordPressVIPMinimum/Sniffs/Security/StaticStrreplaceSniff.php @@ -8,8 +8,8 @@ namespace WordPressVIPMinimum\Sniffs\Security; -use WordPressVIPMinimum\Sniffs\Sniff; use PHP_CodeSniffer\Util\Tokens; +use WordPressVIPMinimum\Sniffs\Sniff; /** * Restricts usage of str_replace with all 3 params being static. diff --git a/WordPressVIPMinimum/Sniffs/UserExperience/AdminBarRemovalSniff.php b/WordPressVIPMinimum/Sniffs/UserExperience/AdminBarRemovalSniff.php index 20c1d853..57571bf7 100644 --- a/WordPressVIPMinimum/Sniffs/UserExperience/AdminBarRemovalSniff.php +++ b/WordPressVIPMinimum/Sniffs/UserExperience/AdminBarRemovalSniff.php @@ -9,10 +9,10 @@ namespace WordPressVIPMinimum\Sniffs\UserExperience; +use PHP_CodeSniffer\Util\Tokens; use PHPCSUtils\Utils\GetTokensAsString; use PHPCSUtils\Utils\TextStrings; use WordPressCS\WordPress\AbstractFunctionParameterSniff; -use PHP_CodeSniffer\Util\Tokens; /** * Discourages removal of the admin bar. From 0301892d7e27bd884d1d9199db5420ad51505c5e Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 22 Aug 2023 10:15:38 +0200 Subject: [PATCH 19/42] Composer: update WordPressCS + PHPCS dependencies WordPressCS 3.0.0 has been released and requires a minimum PHPCS version of 3.7.2. This commit updates the WordPressCS and PHPCS dependencies and the documentation referring to those, in all the relevant places. Includes: * Removing the DealerDirect plugin from `require` as it comes with WordPressCS 3.0.0 automatically (via PHPCSUtils) and not having the explicit dependency may prevent conflicts with allowed versions in the future. * Updating the PHP version on which the CS check for the VIPCS native code is being run. With WPCS 3.0, this check is no longer limited to PHP 7.4. * Removing a work-around for WPCS < 3.0 vs PHP 8.0 * Updating the VIPCS native `.phpcs.xml.dist` ruleset. Ref: https://github.com/WordPress/WordPress-Coding-Standards/releases/tag/3.0.0 --- .github/workflows/basics.yml | 2 +- .github/workflows/quicktest.yml | 13 ++++++------- .github/workflows/test.yml | 9 +++------ .phpcs.xml.dist | 2 +- README.md | 6 +++--- composer.json | 4 ++-- 6 files changed, 16 insertions(+), 20 deletions(-) diff --git a/.github/workflows/basics.yml b/.github/workflows/basics.yml index 9392d9a8..9ce6955c 100644 --- a/.github/workflows/basics.yml +++ b/.github/workflows/basics.yml @@ -29,7 +29,7 @@ jobs: - name: Install PHP uses: shivammathur/setup-php@v2 with: - php-version: '7.4' + php-version: 'latest' coverage: none tools: cs2pr diff --git a/.github/workflows/quicktest.yml b/.github/workflows/quicktest.yml index bab7311f..350c09d2 100644 --- a/.github/workflows/quicktest.yml +++ b/.github/workflows/quicktest.yml @@ -28,17 +28,17 @@ jobs: include: - php: '5.4' phpcs_version: 'dev-master' - wpcs_version: '2.3.*' + wpcs_version: '3.0.*' - php: '5.4' - phpcs_version: '3.7.1' - wpcs_version: '2.3.*' + phpcs_version: '3.7.2' + wpcs_version: '3.0.*' - php: 'latest' phpcs_version: 'dev-master' - wpcs_version: '2.3.*' + wpcs_version: '3.0.*' - php: 'latest' - phpcs_version: '3.7.1' - wpcs_version: '2.3.*' + phpcs_version: '3.7.2' + wpcs_version: '3.0.*' name: "QTest${{ matrix.phpcs_version == 'dev-master' && ' + Lint' || '' }}: PHP ${{ matrix.php }} - PHPCS ${{ matrix.phpcs_version }}" @@ -48,7 +48,6 @@ jobs: # On stable PHPCS versions, allow for PHP deprecation notices. # Unit tests don't need to fail on those for stable releases where those issues won't get fixed anymore. - # Note: the "elif" condition is temporary and should be removed once VIPCS updates to WPCS 3.0+. - name: Setup ini config id: set_ini run: | diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index c0f698fd..0de1b5eb 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -72,13 +72,13 @@ jobs: # no additional versions are included in the array. matrix: php: ['5.4', '5.5', '5.6', '7.0', '7.1', '7.2', '7.3', '7.4', '8.0', '8.1', '8.2'] - phpcs_version: ['3.7.1', 'dev-master'] - wpcs_version: ['2.3.*'] + phpcs_version: ['3.7.2', 'dev-master'] + wpcs_version: ['3.0.*'] include: - php: '8.3' phpcs_version: 'dev-master' - wpcs_version: '2.3.*' + wpcs_version: '3.0.*' name: "Test: PHP ${{ matrix.php }} - PHPCS ${{ matrix.phpcs_version }} - WPCS ${{ matrix.wpcs_version }}" @@ -90,14 +90,11 @@ jobs: # On stable PHPCS versions, allow for PHP deprecation notices. # Unit tests don't need to fail on those for stable releases where those issues won't get fixed anymore. - # Note: the "elif" condition is temporary and should be removed once VIPCS updates to WPCS 3.0+. - name: Setup ini config id: set_ini run: | if [[ "${{ matrix.phpcs_version }}" != "dev-master" ]]; then echo 'PHP_INI=error_reporting=E_ALL & ~E_DEPRECATED' >> $GITHUB_OUTPUT - elif [[ "${{ matrix.php }}" == "8.1" ]]; then - echo 'PHP_INI=error_reporting=E_ALL & ~E_DEPRECATED' >> $GITHUB_OUTPUT else echo 'PHP_INI=error_reporting=-1' >> $GITHUB_OUTPUT fi diff --git a/.phpcs.xml.dist b/.phpcs.xml.dist index 0b06835d..c7bf32d6 100644 --- a/.phpcs.xml.dist +++ b/.phpcs.xml.dist @@ -20,7 +20,7 @@ - + diff --git a/README.md b/README.md index 1bcb6465..1006b175 100644 --- a/README.md +++ b/README.md @@ -16,9 +16,9 @@ Go to https://docs.wpvip.com/technical-references/code-review/phpcs-report/ to l ## Minimal requirements * PHP 5.4+ -* [PHPCS 3.7.1+](https://github.com/squizlabs/PHP_CodeSniffer/releases) +* [PHPCS 3.7.2+](https://github.com/squizlabs/PHP_CodeSniffer/releases) * [PHPCSUtils 1.0.8+](https://github.com/PHPCSStandards/PHPCSUtils) -* [WPCS 2.3.0+](https://github.com/WordPress-Coding-Standards/WordPress-Coding-Standards/releases) +* [WPCS 3.0.0+](https://github.com/WordPress-Coding-Standards/WordPress-Coding-Standards/releases) * [VariableAnalysis 2.11.17+](https://github.com/sirbrillig/phpcs-variable-analysis/releases) ## Installation @@ -35,7 +35,7 @@ composer g config allow-plugins.dealerdirect/phpcodesniffer-composer-installer t composer g require automattic/vipwpcs ``` -This will install the latest compatible versions of PHPCS, PHPCSUtils, WPCS and VariableAnalysis and register the external standards with PHP_CodeSniffer. +This will install the latest compatible versions of PHPCS, PHPCSUtils, PHPCSExtra, WPCS and VariableAnalysis and register the external standards with PHP_CodeSniffer. Please refer to the [installation instructions for installing PHP_CodeSniffer for WordPress.com VIP](https://docs.wpvip.com/how-tos/code-review/php_codesniffer/) for more details. diff --git a/composer.json b/composer.json index 005944eb..47ff77c0 100644 --- a/composer.json +++ b/composer.json @@ -19,8 +19,8 @@ "php": ">=5.4", "phpcsstandards/phpcsutils": "^1.0.8", "sirbrillig/phpcs-variable-analysis": "^2.11.17", - "squizlabs/php_codesniffer": "^3.7.1", - "wp-coding-standards/wpcs": "^2.3" + "squizlabs/php_codesniffer": "^3.7.2", + "wp-coding-standards/wpcs": "^3.0" }, "require-dev": { "php-parallel-lint/php-parallel-lint": "^1.3.2", From d30a3033ad107effd3d12856622f4058b64e3815 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 7 Mar 2023 01:05:46 +0100 Subject: [PATCH 20/42] WPCS 3.0 | Revert previously applied work-arounds These are no longer needed with WPCS 3.0.0. Ref: 746 --- .phpcs.xml.dist | 1 - tests/RulesetTest.php | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/.phpcs.xml.dist b/.phpcs.xml.dist index c7bf32d6..a0049b7b 100644 --- a/.phpcs.xml.dist +++ b/.phpcs.xml.dist @@ -19,7 +19,6 @@ - diff --git a/tests/RulesetTest.php b/tests/RulesetTest.php index 41a95074..f6fed8fe 100644 --- a/tests/RulesetTest.php +++ b/tests/RulesetTest.php @@ -148,7 +148,7 @@ private function collect_phpcs_result() { } $shell = sprintf( - '%1$s%2$s --severity=1 --standard=%3$s --report=json --runtime-set minimum_supported_wp_version 0 ./%3$s/ruleset-test.inc', + '%1$s%2$s --severity=1 --standard=%3$s --report=json ./%3$s/ruleset-test.inc', $php, // Current PHP executable if available. $this->phpcs_bin, $this->ruleset From 4198a6dcbe5c83093272a32c280913023f248f3f Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 22 Aug 2023 13:54:20 +0200 Subject: [PATCH 21/42] Security/EscapingVoidReturnFunctions: switch to using WPCS PrintingFunctionsTrait Note: this does mean that the sniff will now also support a `public` `customPrintingFunctions` property which can be adjusted in a custom ruleset. Co-authored-by: Gary Jones --- .../Sniffs/Security/EscapingVoidReturnFunctionsSniff.php | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/WordPressVIPMinimum/Sniffs/Security/EscapingVoidReturnFunctionsSniff.php b/WordPressVIPMinimum/Sniffs/Security/EscapingVoidReturnFunctionsSniff.php index e9fbc0c3..3b808d9e 100644 --- a/WordPressVIPMinimum/Sniffs/Security/EscapingVoidReturnFunctionsSniff.php +++ b/WordPressVIPMinimum/Sniffs/Security/EscapingVoidReturnFunctionsSniff.php @@ -9,6 +9,7 @@ namespace WordPressVIPMinimum\Sniffs\Security; use PHP_CodeSniffer\Util\Tokens; +use WordPressCS\WordPress\Helpers\PrintingFunctionsTrait; use WordPressVIPMinimum\Sniffs\Sniff; /** @@ -16,10 +17,14 @@ * * E.g. esc_html( _e( 'foo' ) ); * - * @package VIPCS\WordPressVIPMinimum + * @package VIPCS\WordPressVIPMinimum + * + * @uses \WordPressCS\WordPress\Helpers\PrintingFunctionsTrait::$customPrintingFunctions */ class EscapingVoidReturnFunctionsSniff extends Sniff { + use PrintingFunctionsTrait; + /** * Returns an array of tokens this test wants to listen for. * @@ -59,7 +64,7 @@ public function process_token( $stackPtr ) { return; } - if ( isset( $this->printingFunctions[ $this->tokens[ $next_token ]['content'] ] ) ) { + if ( $this->is_printing_function( $this->tokens[ $next_token ]['content'] ) ) { $message = 'Attempting to escape `%s()` which is printing its output.'; $data = [ $this->tokens[ $next_token ]['content'] ]; $this->phpcsFile->addError( $message, $stackPtr, 'Found', $data ); From f124466a060ba6fc9795ef392b081957aa5da598 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 22 Aug 2023 13:54:52 +0200 Subject: [PATCH 22/42] AbstractVariableRestrictionsSniff: use WPCS ContextHelper::is_in_isset_or_empty() Co-authored-by: Gary Jones --- .../Sniffs/AbstractVariableRestrictionsSniff.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/WordPressVIPMinimum/Sniffs/AbstractVariableRestrictionsSniff.php b/WordPressVIPMinimum/Sniffs/AbstractVariableRestrictionsSniff.php index 61d3ed7d..73e0efb3 100644 --- a/WordPressVIPMinimum/Sniffs/AbstractVariableRestrictionsSniff.php +++ b/WordPressVIPMinimum/Sniffs/AbstractVariableRestrictionsSniff.php @@ -11,6 +11,7 @@ use PHPCSUtils\Utils\GetTokensAsString; use PHPCSUtils\Utils\MessageHelper; +use WordPressCS\WordPress\Helpers\ContextHelper; /** * Restricts usage of some variables. @@ -144,7 +145,7 @@ public function process_token( $stackPtr ) { } } - if ( $this->is_in_isset_or_empty( $stackPtr ) === true ) { + if ( ContextHelper::is_in_isset_or_empty( $this->phpcsFile, $stackPtr ) === true ) { // Checking whether a variable exists is not the same as using it. return; } From 1a8b51c1cd199c434d4db4063d5ec534f1661596 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 22 Aug 2023 13:55:11 +0200 Subject: [PATCH 23/42] AbstractVariableRestrictionsSniff: use WPCS RulesetPropertyHelper::merge_custom_array() Co-authored-by: Gary Jones --- .../Sniffs/AbstractVariableRestrictionsSniff.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/WordPressVIPMinimum/Sniffs/AbstractVariableRestrictionsSniff.php b/WordPressVIPMinimum/Sniffs/AbstractVariableRestrictionsSniff.php index 73e0efb3..ebbfc97f 100644 --- a/WordPressVIPMinimum/Sniffs/AbstractVariableRestrictionsSniff.php +++ b/WordPressVIPMinimum/Sniffs/AbstractVariableRestrictionsSniff.php @@ -12,6 +12,7 @@ use PHPCSUtils\Utils\GetTokensAsString; use PHPCSUtils\Utils\MessageHelper; use WordPressCS\WordPress\Helpers\ContextHelper; +use WordPressCS\WordPress\Helpers\RulesetPropertyHelper; /** * Restricts usage of some variables. @@ -129,7 +130,7 @@ public function process_token( $stackPtr ) { $token = $this->tokens[ $stackPtr ]; - $this->excluded_groups = static::merge_custom_array( $this->exclude ); + $this->excluded_groups = RulesetPropertyHelper::merge_custom_array( $this->exclude ); if ( array_diff_key( $this->groups_cache, $this->excluded_groups ) === [] ) { // All groups have been excluded. // Don't remove the listener as the exclude property can be changed inline. From 29920a067dbe4bd085ba305461a2c4a7d8342c82 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 22 Aug 2023 13:57:16 +0200 Subject: [PATCH 24/42] AbstractArrayAssignmentRestrictions children: adjust for changes in received `$val` The `$val` parameter received by the `callback()` method will no longer automatically have been stripped of quotes. This adjusts the `callback()` methods of the sniff which extend the WPCS `AbstractArrayAssignmentRestrictions` sniff to take this into account. --- WordPressVIPMinimum/Sniffs/Performance/NoPagingSniff.php | 2 +- WordPressVIPMinimum/Sniffs/Performance/OrderByRandSniff.php | 4 +++- WordPressVIPMinimum/Sniffs/Performance/RegexpCompareSniff.php | 2 ++ 3 files changed, 6 insertions(+), 2 deletions(-) diff --git a/WordPressVIPMinimum/Sniffs/Performance/NoPagingSniff.php b/WordPressVIPMinimum/Sniffs/Performance/NoPagingSniff.php index 588074ba..9fe38793 100644 --- a/WordPressVIPMinimum/Sniffs/Performance/NoPagingSniff.php +++ b/WordPressVIPMinimum/Sniffs/Performance/NoPagingSniff.php @@ -52,6 +52,6 @@ public function getGroups() { public function callback( $key, $val, $line, $group ) { $key = strtolower( $key ); - return ( $key === 'nopaging' && ( $val === 'true' || $val === 1 ) ); + return ( $key === 'nopaging' && ( $val === 'true' || $val === '1' ) ); } } diff --git a/WordPressVIPMinimum/Sniffs/Performance/OrderByRandSniff.php b/WordPressVIPMinimum/Sniffs/Performance/OrderByRandSniff.php index 3204da2d..69a324e8 100644 --- a/WordPressVIPMinimum/Sniffs/Performance/OrderByRandSniff.php +++ b/WordPressVIPMinimum/Sniffs/Performance/OrderByRandSniff.php @@ -9,6 +9,7 @@ namespace WordPressVIPMinimum\Sniffs\Performance; +use PHPCSUtils\Utils\TextStrings; use WordPressCS\WordPress\AbstractArrayAssignmentRestrictionsSniff; /** @@ -31,7 +32,7 @@ public function getGroups() { return [ 'orderby' => [ 'type' => 'error', - 'message' => 'Detected forbidden query_var "%s" of "%s". Use vip_get_random_posts() instead.', + 'message' => 'Detected forbidden query_var "%s" of %s. Use vip_get_random_posts() instead.', 'keys' => [ 'orderby', ], @@ -50,6 +51,7 @@ public function getGroups() { * @return bool FALSE if no match, TRUE if matches. */ public function callback( $key, $val, $line, $group ) { + $val = TextStrings::stripQuotes( $val ); return strtolower( $val ) === 'rand'; } } diff --git a/WordPressVIPMinimum/Sniffs/Performance/RegexpCompareSniff.php b/WordPressVIPMinimum/Sniffs/Performance/RegexpCompareSniff.php index 7067f686..f216d908 100644 --- a/WordPressVIPMinimum/Sniffs/Performance/RegexpCompareSniff.php +++ b/WordPressVIPMinimum/Sniffs/Performance/RegexpCompareSniff.php @@ -7,6 +7,7 @@ namespace WordPressVIPMinimum\Sniffs\Performance; +use PHPCSUtils\Utils\TextStrings; use WordPressCS\WordPress\AbstractArrayAssignmentRestrictionsSniff; /** @@ -45,6 +46,7 @@ public function getGroups() { * @return bool FALSE if no match, TRUE if matches. */ public function callback( $key, $val, $line, $group ) { + $val = TextStrings::stripQuotes( $val ); return ( strpos( $val, 'NOT REGEXP' ) === 0 || strpos( $val, 'REGEXP' ) === 0 ); From 71dbddd8f4a4d1b429ba55c79569aa63ea662892 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 26 Jul 2022 04:46:51 +0200 Subject: [PATCH 25/42] VIPMinimum ruleset: replace strict comparison sniff Includes adding PHPCSExtra to the `composer.json` configuration as that is now a direct dependency of VIPCS as VIPCS now uses one of its sniffs in the ruleset. Co-authored-by: Gary Jones --- WordPress-VIP-Go/ruleset-test.inc | 2 +- WordPress-VIP-Go/ruleset.xml | 2 +- WordPressVIPMinimum/ruleset-test.inc | 2 +- WordPressVIPMinimum/ruleset.xml | 4 +++- composer.json | 1 + 5 files changed, 7 insertions(+), 4 deletions(-) diff --git a/WordPress-VIP-Go/ruleset-test.inc b/WordPress-VIP-Go/ruleset-test.inc index d151ad67..7503201a 100644 --- a/WordPress-VIP-Go/ruleset-test.inc +++ b/WordPress-VIP-Go/ruleset-test.inc @@ -165,7 +165,7 @@ rawurlencode(); // Ok. extract( array( 'a' => 1 ) ); // Error. $obj->extract(); // Ok. -// WordPress.PHP.StrictComparisons.LooseComparison +// Universal.Operators.StrictComparisons true == $true; // Warning. false === $true; // Ok. diff --git a/WordPress-VIP-Go/ruleset.xml b/WordPress-VIP-Go/ruleset.xml index 9ea7f34f..58b0911f 100644 --- a/WordPress-VIP-Go/ruleset.xml +++ b/WordPress-VIP-Go/ruleset.xml @@ -188,7 +188,7 @@ 3 - + 3 diff --git a/WordPressVIPMinimum/ruleset-test.inc b/WordPressVIPMinimum/ruleset-test.inc index 03fd7e06..93b151e7 100644 --- a/WordPressVIPMinimum/ruleset-test.inc +++ b/WordPressVIPMinimum/ruleset-test.inc @@ -72,7 +72,7 @@ new WP_Query( array( // WordPress.WP.GlobalVariablesOverride $GLOBALS['wpdb'] = 'test'; // Error. -// WordPress.PHP.StrictComparisons +// Universal.Operators.StrictComparisons if ( true == $true ) { // Warning. } diff --git a/WordPressVIPMinimum/ruleset.xml b/WordPressVIPMinimum/ruleset.xml index 87394301..70527b17 100644 --- a/WordPressVIPMinimum/ruleset.xml +++ b/WordPressVIPMinimum/ruleset.xml @@ -36,7 +36,9 @@ - + + warning + diff --git a/composer.json b/composer.json index 47ff77c0..7f4db735 100644 --- a/composer.json +++ b/composer.json @@ -17,6 +17,7 @@ ], "require": { "php": ">=5.4", + "phpcsstandards/phpcsextra": "^1.1.0", "phpcsstandards/phpcsutils": "^1.0.8", "sirbrillig/phpcs-variable-analysis": "^2.11.17", "squizlabs/php_codesniffer": "^3.7.2", From 6d05fffb309bc5fee67a95ed1ab81ff93bde6e45 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 22 Aug 2023 11:14:58 +0200 Subject: [PATCH 26/42] VIPMinimum ruleset: replace assignment-in-condition sniff ... which has been split. --- WordPress-VIP-Go/ruleset-test.inc | 7 ++++++- WordPress-VIP-Go/ruleset-test.php | 1 + WordPress-VIP-Go/ruleset.xml | 5 ++++- WordPressVIPMinimum/ruleset-test.inc | 5 ++++- WordPressVIPMinimum/ruleset-test.php | 3 ++- WordPressVIPMinimum/ruleset.xml | 3 ++- 6 files changed, 19 insertions(+), 5 deletions(-) diff --git a/WordPress-VIP-Go/ruleset-test.inc b/WordPress-VIP-Go/ruleset-test.inc index 7503201a..7d69fbe7 100644 --- a/WordPress-VIP-Go/ruleset-test.inc +++ b/WordPress-VIP-Go/ruleset-test.inc @@ -153,7 +153,7 @@ url_to_postid( $url ); // Warning + Message. wpcom_vip_old_slug_redirect(); // Ok. wp_old_slug_redirect(); // Warning. -// WordPress.CodeAnalysis.AssignmentInCondition.Found +// Generic.CodeAnalysis.AssignmentInCondition.Found if ($a = 123) { // Warning. } @@ -572,3 +572,8 @@ $_SERVER["REMOTE_ADDR"]; // Error. <<<<<<< HEAD // Error. >>>>>>> // Error. + + 1, 550 => 1, 556 => 1, + 579 => 1, ], 'messages' => [ 7 => [ diff --git a/WordPress-VIP-Go/ruleset.xml b/WordPress-VIP-Go/ruleset.xml index 58b0911f..13129fe1 100644 --- a/WordPress-VIP-Go/ruleset.xml +++ b/WordPress-VIP-Go/ruleset.xml @@ -179,7 +179,10 @@ 1 - + + 1 + + 1 diff --git a/WordPressVIPMinimum/ruleset-test.inc b/WordPressVIPMinimum/ruleset-test.inc index 93b151e7..0cef3c4b 100644 --- a/WordPressVIPMinimum/ruleset-test.inc +++ b/WordPressVIPMinimum/ruleset-test.inc @@ -76,7 +76,7 @@ $GLOBALS['wpdb'] = 'test'; // Error. if ( true == $true ) { // Warning. } -// WordPress.CodeAnalysis.AssignmentInCondition +// Generic.CodeAnalysis.AssignmentInCondition if ( $test = get_post( $post ) ) { // Warning. } @@ -614,6 +614,9 @@ class MyClass { >>>>>>> // Error. diff --git a/WordPressVIPMinimum/ruleset-test.php b/WordPressVIPMinimum/ruleset-test.php index 881da76b..05076415 100644 --- a/WordPressVIPMinimum/ruleset-test.php +++ b/WordPressVIPMinimum/ruleset-test.php @@ -197,7 +197,7 @@ 597 => 1, 612 => 1, 614 => 1, - 618 => 1, + 621 => 1, ], 'warnings' => [ 32 => 1, @@ -290,6 +290,7 @@ 559 => 1, 565 => 1, 589 => 1, + 618 => 1, ], 'messages' => [ 130 => [ diff --git a/WordPressVIPMinimum/ruleset.xml b/WordPressVIPMinimum/ruleset.xml index 70527b17..04695707 100644 --- a/WordPressVIPMinimum/ruleset.xml +++ b/WordPressVIPMinimum/ruleset.xml @@ -39,7 +39,8 @@ warning - + + From 436b0fe5bf9fbf8995e57283d2979d53be1ee095 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 22 Aug 2023 11:16:42 +0200 Subject: [PATCH 27/42] VIPMinimum ruleset: update excludes for the WP/AlternativeFunctions sniff ... to prevent introducing new duplicate error messages. Co-authored-by: Gary Jones --- WordPress-VIP-Go/ruleset-test.inc | 2 +- WordPress-VIP-Go/ruleset.xml | 6 +++--- WordPressVIPMinimum/ruleset.xml | 28 +++++++++++++++++++++++++--- 3 files changed, 29 insertions(+), 7 deletions(-) diff --git a/WordPress-VIP-Go/ruleset-test.inc b/WordPress-VIP-Go/ruleset-test.inc index 7d69fbe7..a2149ba6 100644 --- a/WordPress-VIP-Go/ruleset-test.inc +++ b/WordPress-VIP-Go/ruleset-test.inc @@ -59,7 +59,7 @@ if ( isset( $_SERVER['HTTP_USER_AGENT'] ) && $_SERVER['HTTP_USER_AGENT'] === 'so // Make sure nonce verification is done in global scope to silence notices about use of superglobals without later on in the file. isset( $_GET['my_nonce'] ) && wp_verify_nonce( sanitize_text_field( $_GET['my_nonce'] ) ); -// WordPress.WP.AlternativeFunctions.file_system_read_fopen +// WordPress.WP.AlternativeFunctions.file_system_operations_fopen fopen( 'file.txt', 'r' ); // Warning + Message. // WordPressVIPMinimum.Performance.FetchingRemoteData.FileGetContentsUnknown diff --git a/WordPress-VIP-Go/ruleset.xml b/WordPress-VIP-Go/ruleset.xml index 13129fe1..190bebc8 100644 --- a/WordPress-VIP-Go/ruleset.xml +++ b/WordPress-VIP-Go/ruleset.xml @@ -104,7 +104,7 @@ This includes potential security holes as well as functions that may bring down sites for performance reasons. --> - + File system operations only work on the `/tmp/` and `wp-content/uploads/` directories. To avoid unexpected results, please use helper functions like `get_temp_dir()` or `wp_get_upload_dir()` to get the proper directory path when using functions such as %s(). For more details, please see: https://docs.wpvip.com/technical-references/vip-go-files-system/local-file-operations/ @@ -249,10 +249,10 @@ 0 - + 0 - + 0 diff --git a/WordPressVIPMinimum/ruleset.xml b/WordPressVIPMinimum/ruleset.xml index 04695707..13670326 100644 --- a/WordPressVIPMinimum/ruleset.xml +++ b/WordPressVIPMinimum/ruleset.xml @@ -135,10 +135,32 @@ - - - + + + + + + + + + + + + + + + + + + + + + + + + + From 4094eec61768dc81cd7f21a8417f1158a16e3e12 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 22 Aug 2023 15:42:44 +0200 Subject: [PATCH 28/42] Update ruleset tests: account for new errors from WPCS * The `WordPress.Security.ValidatedSanitizedInput` sniff will now also examine `$_SESSION` variables. As the test is about another sniff, let's just ignore the notices coming from `WordPress.Security.ValidatedSanitizedInput`. --- WordPress-VIP-Go/ruleset-test.inc | 2 +- WordPressVIPMinimum/ruleset-test.inc | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/WordPress-VIP-Go/ruleset-test.inc b/WordPress-VIP-Go/ruleset-test.inc index a2149ba6..773842b0 100644 --- a/WordPress-VIP-Go/ruleset-test.inc +++ b/WordPress-VIP-Go/ruleset-test.inc @@ -557,7 +557,7 @@ echo " 999, // Warning. ); _query_posts( 'posts_per_page=999' ); // Warning. @@ -45,7 +45,7 @@ $query_args['posts_per_page'] = 999; // Warning. date_default_timezone_set( 'FooBar' ); // Error. // WordPress.DB.PreparedSQL -$b = function () { +$b = function () { // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable global $wpdb; $listofthings = wp_cache_get( 'foo' ); if ( ! $listofthings ) { @@ -57,7 +57,7 @@ $b = function () { }; // WordPress.DB.DirectDatabaseQuery -$baz = $wpdb->get_results( $wpdb->prepare( 'SELECT X FROM Y ' ) ); // Warning x 2. +$baz = $wpdb->get_results( $wpdb->prepare( 'SELECT X FROM Y ' ) ); // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable -- Warning x 2. // WordPress.DB.SlowDBQuery $test = [ @@ -139,9 +139,9 @@ serialize(); // Warning. unserialize(); // Warning. urlencode(); // Warning. passthru( 'cat myfile.zip', $err ); // Warning. -$process = proc_open( 'php', $descriptorspec, $pipes, $cwd, $env ); // Warning. -$last_line = system( 'ls', $retval ); // Warning. -$handle = popen( '/bin/ls', 'r' ); // Warning. +$process = proc_open( 'php', $descriptorspec, $pipes, $cwd, $env ); // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable -- Warning. +$last_line = system( 'ls', $retval ); // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable -- Warning. +$handle = popen( '/bin/ls', 'r' ); // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable -- Warning. // WordPress.PHP.DiscouragedPHPFunctions.runtime_configuration_error_reporting error_reporting(); // Error. @@ -174,7 +174,7 @@ dl(); // Error. exec( 'whoami' ); // Error. // WordPress.PHP.DiscouragedPHPFunctions.system_calls_shell_exec -$output = shell_exec( 'ls -lart' ); // Error. +$output = shell_exec( 'ls -lart' ); // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable -- Error. // WordPress.PHP.DevelopmentFunctions var_dump(); // Warning. @@ -243,7 +243,7 @@ curl_init(); // Warning + Message. curl_close( $ch ); // Warning + Message. CURL_getinfo(); // Warning + Message. parse_url( 'http://example.com/' ); // Warning. -$json = json_encode( $thing ); // Warning. +$json = json_encode( $thing ); // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable -- Warning. readfile(); // Warning. fclose(); // Warning. fopen(); // Warning. @@ -402,7 +402,7 @@ wp_remote_get( $url ); // Warning. setcookie( 'cookie[three]', 'cookiethree' ); // Error. get_posts(); // Warning. wp_get_recent_posts(); // Warning. -$wp_random_testing = create_function( '$a, $b', 'return ( $b / $a ); '); // Warning. +$wp_random_testing = create_function( '$a, $b', 'return ( $b / $a ); '); // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable -- Warning. wpcom_vip_get_term_link(); // Warning. wpcom_vip_get_term_by(); // Warning. wpcom_vip_get_category_by_slug(); // Warning. @@ -447,11 +447,11 @@ add_filter( 'robots_txt', function() { // Warning. // WordPressVIPMinimum.Performance.CacheValueOverride -$bad_wp_users = wp_cache_get( md5( self::CACHE_KEY . '_wp_users'), self::CACHE_GROUP ); -$bad_wp_users = false; // Error. +$bad_wp_users = wp_cache_get( md5( self::CACHE_KEY . '_wp_users'), self::CACHE_GROUP ); // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable +$bad_wp_users = false; // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable -- Error. // WordPressVIPMinimum.Performance.FetchingRemoteData -$external_resource = file_get_contents( 'https://example.com' ); // Warning. +$external_resource = file_get_contents( 'https://example.com' ); // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable -- Warning. // WordPressVIPMinimum.Performance.LowExpiryCacheTime wp_cache_set( 'test', $data, $group, 100 ); // Warning. @@ -459,13 +459,13 @@ wp_cache_add( 123, $data, null, 1.5 * MINUTE_IN_SECONDS ); // Warning. wp_cache_replace( 'test', $data, $group, 2*MINUTE_IN_SECONDS ); // Warning. // WordPressVIPMinimum.Performance.NoPaging -$args = array( +$args = array( // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable 'nopaging' => true, // Error. ); _query_posts( 'nopaging=true' ); // Error. // WordPressVIPMinimum.Performance.OrderByRand -$args = array( +$args = array( // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable "orderby" => "RAND", // Error. ); $query_args['orderby'] = 'rand'; // Error. @@ -585,8 +585,8 @@ echo ''; / users"; // Error. -$x = foo( sanitize_text_field( $_SERVER['HTTP_USER_AGENT'] ) ); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotValidated -- Warning. +$query = "SELECT * FROM $wpdb->users"; // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable -- Error. +$x = foo( sanitize_text_field( $_SERVER['HTTP_USER_AGENT'] ) ); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotValidated,VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable -- Warning. foo( $_SESSION['bar'] ); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput -- Error. // WordPressVIPMinimum.Variables.ServerVariables From 1686286d9d99fa728e543484af3321b66455b1f7 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 22 Aug 2023 22:36:40 +0200 Subject: [PATCH 30/42] Performance/WPQueryParams: defer to the parent sniff This commit removes the custom token target + custom logic from this sniff in favour of deferring to the logic in the parent sniff - as discussed in 589. To that end, the keys which were handled in the custom `process_token()` logic have now been added to the `getGroups()` array. As the logic for whether or not an error message should be thrown is different for each group, an extra `'name'` key has been added to each group to allow the `callback()` function to distinguish what group the detected key came from. It also updates the error message being used to better cover both keys being looked for, as well as mention this only applies when the array is passed to `get_posts()` (in an attempt to remove some of the confusion reported in 672). Note: this is a BC-break as the error codes for the two out of the three existing checks change! * `WordPressVIPMinimum.Performance.WPQueryParams.PostNotIn` is now `WordPressVIPMinimum.Performance.WPQueryParams.PostNotIn_post__not_in`. * `WordPressVIPMinimum.Performance.WPQueryParams.SuppressFiltersTrue` is now `WordPressVIPMinimum.Performance.WPQueryParams.SuppressFilters_suppress_filters`. * The `WordPressVIPMinimum.Performance.WPQueryParams.PostNotIn_exclude` error code, as introduced in 589, remains the same. Fixes 594 --- .../Sniffs/Performance/WPQueryParamsSniff.php | 72 +++++++------------ 1 file changed, 26 insertions(+), 46 deletions(-) diff --git a/WordPressVIPMinimum/Sniffs/Performance/WPQueryParamsSniff.php b/WordPressVIPMinimum/Sniffs/Performance/WPQueryParamsSniff.php index e9cabca4..301a9019 100644 --- a/WordPressVIPMinimum/Sniffs/Performance/WPQueryParamsSniff.php +++ b/WordPressVIPMinimum/Sniffs/Performance/WPQueryParamsSniff.php @@ -8,30 +8,17 @@ namespace WordPressVIPMinimum\Sniffs\Performance; -use PHP_CodeSniffer\Util\Tokens; use WordPressCS\WordPress\AbstractArrayAssignmentRestrictionsSniff; /** * Flag suspicious WP_Query and get_posts params. * - * @package VIPCS\WordPressVIPMinimum + * @link https://docs.wpvip.com/technical-references/caching/uncached-functions/ + * + * @package VIPCS\WordPressVIPMinimum */ class WPQueryParamsSniff extends AbstractArrayAssignmentRestrictionsSniff { - /** - * Returns an array of tokens this test wants to listen for. - * - * @return array - */ - public function register() { - $targets = parent::register(); - - // Add the target for the "old" implementation. - $targets[] = T_CONSTANT_ENCAPSED_STRING; - - return $targets; - } - /** * Groups of variables to restrict. * @@ -39,44 +26,28 @@ public function register() { */ public function getGroups() { return [ + // WordPress.com: https://lobby.vip.wordpress.com/wordpress-com-documentation/uncached-functions/. + // VIP Go: https://wpvip.com/documentation/vip-go/uncached-functions/. + 'SuppressFilters' => [ + 'name' => 'SuppressFilters', + 'type' => 'error', + 'message' => 'Setting `suppress_filters` to `true` is prohibited.', + 'keys' => [ + 'suppress_filters', + ], + ], 'PostNotIn' => [ + 'name' => 'PostNotIn', 'type' => 'warning', - 'message' => 'Using `exclude`, which is subsequently used by `post__not_in`, should be done with caution, see https://docs.wpvip.com/how-tos/improve-performance-by-removing-usage-of-post__not_in/ for more information.', + 'message' => 'Using exclusionary parameters, like %s, in calls to get_posts() should be done with caution, see https://wpvip.com/documentation/performance-improvements-by-removing-usage-of-post__not_in/ for more information.', 'keys' => [ + 'post__not_in', 'exclude', ], ], ]; } - /** - * Process this test when one of its tokens is encountered - * - * @param int $stackPtr The position of the current token in the stack passed in $tokens. - * - * @return void - */ - public function process_token( $stackPtr ) { - - if ( trim( $this->tokens[ $stackPtr ]['content'], '\'' ) === 'suppress_filters' ) { - - $next_token = $this->phpcsFile->findNext( array_merge( Tokens::$emptyTokens, [ T_EQUAL, T_CLOSE_SQUARE_BRACKET, T_DOUBLE_ARROW ] ), $stackPtr + 1, null, true ); - - if ( $this->tokens[ $next_token ]['code'] === T_TRUE ) { - // https://docs.wpvip.com/technical-references/caching/uncached-functions/. - $message = 'Setting `suppress_filters` to `true` is prohibited.'; - $this->phpcsFile->addError( $message, $stackPtr, 'SuppressFiltersTrue' ); - } - } - - if ( trim( $this->tokens[ $stackPtr ]['content'], '\'' ) === 'post__not_in' ) { - $message = 'Using `post__not_in` should be done with caution, see https://docs.wpvip.com/how-tos/improve-performance-by-removing-usage-of-post__not_in/ for more information.'; - $this->phpcsFile->addWarning( $message, $stackPtr, 'PostNotIn' ); - } - - parent::process_token( $stackPtr ); - } - /** * Callback to process a confirmed key which doesn't need custom logic, but should always error. * @@ -88,6 +59,15 @@ public function process_token( $stackPtr ) { * @return bool FALSE if no match, TRUE if matches. */ public function callback( $key, $val, $line, $group ) { - return true; + switch ( $group['name'] ) { + case 'SuppressFilters': + return ( $val === 'true' ); + + case 'PostNotIn': + return true; + + default: + return false; + } } } From 6890027a67288fee827b29e5dac3f1e0bcd96a87 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 7 Mar 2023 17:21:53 +0100 Subject: [PATCH 31/42] Performance/NoPaging: add extra tests Safeguard the fix which was added to WPCS 3.0.0 in response to WPCS issue WordPress/WordPress-Coding-Standards 2211, which was created to handle VIPCS issue 713. --- WordPressVIPMinimum/Tests/Performance/NoPagingUnitTest.inc | 6 ++++++ WordPressVIPMinimum/Tests/Performance/NoPagingUnitTest.php | 6 ++++-- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/WordPressVIPMinimum/Tests/Performance/NoPagingUnitTest.inc b/WordPressVIPMinimum/Tests/Performance/NoPagingUnitTest.inc index 87ec19c2..9af35243 100644 --- a/WordPressVIPMinimum/Tests/Performance/NoPagingUnitTest.inc +++ b/WordPressVIPMinimum/Tests/Performance/NoPagingUnitTest.inc @@ -7,3 +7,9 @@ $args = array( _query_posts( 'nopaging=true' ); // Bad. $query_args['my_posts_per_page'] = -1; // OK. + +// Verify handling with no trailing comma at end of array. +$args = array( + 'nopaging' => true // Bad. +); +$args = [ 'nopaging' => true ]; // Bad. diff --git a/WordPressVIPMinimum/Tests/Performance/NoPagingUnitTest.php b/WordPressVIPMinimum/Tests/Performance/NoPagingUnitTest.php index 66885a22..6b358c4d 100644 --- a/WordPressVIPMinimum/Tests/Performance/NoPagingUnitTest.php +++ b/WordPressVIPMinimum/Tests/Performance/NoPagingUnitTest.php @@ -27,8 +27,10 @@ class NoPagingUnitTest extends AbstractSniffUnitTest { */ public function getErrorList() { return [ - 4 => 1, - 7 => 1, + 4 => 1, + 7 => 1, + 13 => 1, + 15 => 1, ]; } From 05fad702d0fe550609eb37260a2fa8d994bf5a60 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Thu, 24 Aug 2023 04:16:52 +0200 Subject: [PATCH 32/42] GH Actions: minor tweaks to the composer options used Only disregard an upper limit to the PHP restrictions. --- .github/workflows/quicktest.yml | 2 +- .github/workflows/test.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/quicktest.yml b/.github/workflows/quicktest.yml index 350c09d2..39f8bda0 100644 --- a/.github/workflows/quicktest.yml +++ b/.github/workflows/quicktest.yml @@ -85,7 +85,7 @@ jobs: if: ${{ startsWith( matrix.php, '8' ) || matrix.php == 'latest' }} uses: "ramsey/composer-install@v2" with: - composer-options: --ignore-platform-reqs + composer-options: --ignore-platform-req=php+ custom-cache-suffix: $(date -u "+%Y-%m") - name: Display PHPCS installed standards diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 0de1b5eb..142ce574 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -127,7 +127,7 @@ jobs: if: ${{ startsWith( matrix.php, '8' ) }} uses: "ramsey/composer-install@v2" with: - composer-options: --ignore-platform-reqs + composer-options: --ignore-platform-req=php+ custom-cache-suffix: $(date -u "+%Y-%m") - name: Run the unit tests From 92fdfd2bc0e80f2fcfe27e5c309da5b619ed790e Mon Sep 17 00:00:00 2001 From: jrfnl Date: Wed, 23 Aug 2023 20:51:57 +0200 Subject: [PATCH 33/42] Hooks/AlwaysReturnInFilter: remove redundant condition Given that: * `$insideIfConditionalReturn` has a default value of `0`; * And that value is only ever increased; * The `$insideIfConditionalReturn >= 0` condition will always be `true`. So this condition can be safely removed, just like the - now unused - assignments to the variable. The original condition was introduced with the introduction of the sniff in 177. The condition was adjusted in 291, which made the logic redundant. Looking at the sniff, I believe the intention was to only flag the "return outside condition missing" when not all control structure paths had a `return` statement, but this was never really properly checked as the only control structures taken into account are `if` control structures. I believe it would be good to improve the sniff to handle more control structures (`switch`, `while` etc) and to not throw the "return outside condition missing" error if all possible paths have a `return` statement, but that is outside the scope of the current PR. I will add a note to this effect to the review ticket for this sniff - 520. --- .../Sniffs/Hooks/AlwaysReturnInFilterSniff.php | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/WordPressVIPMinimum/Sniffs/Hooks/AlwaysReturnInFilterSniff.php b/WordPressVIPMinimum/Sniffs/Hooks/AlwaysReturnInFilterSniff.php index f3544e6b..4d80aad8 100644 --- a/WordPressVIPMinimum/Sniffs/Hooks/AlwaysReturnInFilterSniff.php +++ b/WordPressVIPMinimum/Sniffs/Hooks/AlwaysReturnInFilterSniff.php @@ -223,13 +223,10 @@ private function processFunctionBody( $stackPtr ) { $functionBodyScopeEnd ); - $insideIfConditionalReturn = 0; - $outsideConditionalReturn = 0; + $outsideConditionalReturn = 0; while ( $returnTokenPtr ) { - if ( $this->isInsideIfConditonal( $returnTokenPtr ) ) { - ++$insideIfConditionalReturn; - } else { + if ( $this->isInsideIfConditonal( $returnTokenPtr ) === false ) { ++$outsideConditionalReturn; } if ( $this->isReturningVoid( $returnTokenPtr ) ) { @@ -244,11 +241,10 @@ private function processFunctionBody( $stackPtr ) { ); } - if ( $insideIfConditionalReturn >= 0 && $outsideConditionalReturn === 0 ) { + if ( $outsideConditionalReturn === 0 ) { $message = 'Please, make sure that a callback to `%s` filter is always returning some value.'; $data = [ $filterName ]; $this->phpcsFile->addError( $message, $functionBodyScopeStart, 'MissingReturnStatement', $data ); - } } From 47c1c2c77347be64972c8747d62324b0a2ea6022 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 22 Aug 2023 23:03:59 +0200 Subject: [PATCH 34/42] Performance/WPQueryParams: prevent false positives for 'exclude' with get_users() As reported in 672 and 729, the `get_users()` function also takes an array parameter which takes an `'exclude'` key. That key is not our target, so should not be flagged. This commit adds a hard-coded exception specifically for that situation. If at a later point in time, more situations which need exceptions would be discovered, this solution can be made more flexible, but for now, there is no need (or insight into where the flexibility should be). As the `AbstractArrayAssignmentRestrictionsSniff::callback()` method does not have access to the `$stackPtr`, the logic which can be used in the `callback()` is limited. Also see the review notes from upstream 2266, which basically already pointed out this exact problem. To get round this, I'm overloading the `process_token()` method to set a temporary `$in_get_users` property, which can then be read out in the `callback()` method to be used in the actual determination of whether the exception should be made or not. Includes tests. Fixes 672 --- .../Sniffs/Performance/WPQueryParamsSniff.php | 27 +++++++++++++++++++ .../Performance/WPQueryParamsUnitTest.inc | 8 ++++++ .../Performance/WPQueryParamsUnitTest.php | 3 +++ 3 files changed, 38 insertions(+) diff --git a/WordPressVIPMinimum/Sniffs/Performance/WPQueryParamsSniff.php b/WordPressVIPMinimum/Sniffs/Performance/WPQueryParamsSniff.php index 301a9019..38911bfb 100644 --- a/WordPressVIPMinimum/Sniffs/Performance/WPQueryParamsSniff.php +++ b/WordPressVIPMinimum/Sniffs/Performance/WPQueryParamsSniff.php @@ -9,6 +9,7 @@ namespace WordPressVIPMinimum\Sniffs\Performance; use WordPressCS\WordPress\AbstractArrayAssignmentRestrictionsSniff; +use WordPressCS\WordPress\Helpers\ContextHelper; /** * Flag suspicious WP_Query and get_posts params. @@ -19,6 +20,13 @@ */ class WPQueryParamsSniff extends AbstractArrayAssignmentRestrictionsSniff { + /** + * Whether the current $stackPtr being scanned is nested in a function call to get_users(). + * + * @var bool + */ + private $in_get_users = false; + /** * Groups of variables to restrict. * @@ -48,6 +56,20 @@ public function getGroups() { ]; } + /** + * Processes this test, when one of its tokens is encountered. + * + * @param int $stackPtr The position of the current token in the stack. + * + * @return void + */ + public function process_token( $stackPtr ) { + $this->in_get_users = ContextHelper::is_in_function_call( $this->phpcsFile, $stackPtr, [ 'get_users' => true ], true, true ); + + parent::process_token( $stackPtr ); + } + + /** * Callback to process a confirmed key which doesn't need custom logic, but should always error. * @@ -64,6 +86,11 @@ public function callback( $key, $val, $line, $group ) { return ( $val === 'true' ); case 'PostNotIn': + if ( $key === 'exclude' && $this->in_get_users !== false ) { + // This is not an array used by get_posts(). See #672. + return false; + } + return true; default: diff --git a/WordPressVIPMinimum/Tests/Performance/WPQueryParamsUnitTest.inc b/WordPressVIPMinimum/Tests/Performance/WPQueryParamsUnitTest.inc index 2aecfee5..d7c624d5 100644 --- a/WordPressVIPMinimum/Tests/Performance/WPQueryParamsUnitTest.inc +++ b/WordPressVIPMinimum/Tests/Performance/WPQueryParamsUnitTest.inc @@ -21,3 +21,11 @@ $q = new WP_query( $query_args ); get_posts( [ 'exclude' => $post_ids ] ); // Warning. $exclude = [ 1, 2, 3 ]; + +// Issue #672 / #729. +get_users( [ 'exclude' => $post_ids ] ); // OK. +get_users( My\get_args( [ 'exclude' => $post_ids ] ) ); // OK - arbitrary as the call to `My\get_args()` on its own would be flagged, but let's allow it. + +$context_unknown = [ 'exclude' => $post_ids ]; // Warning. +other_fn_calls_still_throw_warning( [ 'exclude' => $post_ids ] ); // Warning. +get_users( [ 'suppress_filters' => true ] ); // Error - not necessarily valid, but the exception being made is specifically about `exclude`. diff --git a/WordPressVIPMinimum/Tests/Performance/WPQueryParamsUnitTest.php b/WordPressVIPMinimum/Tests/Performance/WPQueryParamsUnitTest.php index d1a2b4e7..63d6e7d9 100644 --- a/WordPressVIPMinimum/Tests/Performance/WPQueryParamsUnitTest.php +++ b/WordPressVIPMinimum/Tests/Performance/WPQueryParamsUnitTest.php @@ -27,6 +27,7 @@ public function getErrorList() { return [ 5 => 1, 17 => 1, + 31 => 1, ]; } @@ -40,6 +41,8 @@ public function getWarningList() { 4 => 1, 11 => 1, 21 => 1, + 29 => 1, + 30 => 1, ]; } } From f9628168cd9e5e86cbab8905f5ae0bd62acd4986 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Wed, 23 Aug 2023 18:44:06 +0200 Subject: [PATCH 35/42] Docs: remove redundant `@package` tags `@package` tags are an arcane manner to group related files as belonging to one project. For projects using namespaces, the current recommendation is to only have `@package` tags when they have supplemental information to the namespace. That is only in a very limited way the case in VIPCS, so I'm proposing to remove the `@package` tags from the VIPCS class docblocks, though leaving them for now in the file docblocks. At the very least, this removed duplicate information for which there is no reason for the duplication. Includes cleaning up (normalizing) the tag description alignments in the class docblocks. :point_right: reviewing with whitespace changes ignored should make it easier to see that the only real change is the removal of the package tags. Refs: * https://docs.phpdoc.org/3.0/guide/references/phpdoc/tags/package.html#package * https://github.com/php-fig/fig-standards/blob/master/proposed/phpdoc-tags.md#59-package --- .github/CONTRIBUTING.md | 2 -- .../Sniffs/AbstractVariableRestrictionsSniff.php | 2 -- .../Sniffs/Classes/DeclarationCompatibilitySniff.php | 2 -- .../Sniffs/Classes/RestrictedExtendClassesSniff.php | 2 -- .../Sniffs/Constants/ConstantStringSniff.php | 2 -- .../Sniffs/Constants/RestrictedConstantsSniff.php | 2 -- WordPressVIPMinimum/Sniffs/Files/IncludingFileSniff.php | 2 -- .../Sniffs/Files/IncludingNonPHPFileSniff.php | 2 -- .../Sniffs/Functions/RestrictedFunctionsSniff.php | 2 -- WordPressVIPMinimum/Sniffs/Functions/StripTagsSniff.php | 2 -- .../Sniffs/Hooks/AlwaysReturnInFilterSniff.php | 2 -- WordPressVIPMinimum/Sniffs/Hooks/PreGetPostsSniff.php | 2 -- WordPressVIPMinimum/Sniffs/Hooks/RestrictedHooksSniff.php | 2 -- .../Sniffs/JS/DangerouslySetInnerHTMLSniff.php | 2 -- .../Sniffs/JS/HTMLExecutingFunctionsSniff.php | 2 -- WordPressVIPMinimum/Sniffs/JS/InnerHTMLSniff.php | 2 -- WordPressVIPMinimum/Sniffs/JS/StringConcatSniff.php | 2 -- WordPressVIPMinimum/Sniffs/JS/StrippingTagsSniff.php | 2 -- WordPressVIPMinimum/Sniffs/JS/WindowSniff.php | 2 -- .../Sniffs/Performance/CacheValueOverrideSniff.php | 2 -- .../Sniffs/Performance/FetchingRemoteDataSniff.php | 2 -- .../Sniffs/Performance/LowExpiryCacheTimeSniff.php | 2 -- WordPressVIPMinimum/Sniffs/Performance/NoPagingSniff.php | 4 +--- WordPressVIPMinimum/Sniffs/Performance/OrderByRandSniff.php | 4 +--- .../Sniffs/Performance/RegexpCompareSniff.php | 2 -- .../Sniffs/Performance/RemoteRequestTimeoutSniff.php | 2 -- .../Sniffs/Performance/TaxonomyMetaInOptionsSniff.php | 2 -- .../Sniffs/Performance/WPQueryParamsSniff.php | 2 -- .../Sniffs/Security/EscapingVoidReturnFunctionsSniff.php | 2 -- .../Sniffs/Security/ExitAfterRedirectSniff.php | 2 -- WordPressVIPMinimum/Sniffs/Security/MustacheSniff.php | 2 -- .../Sniffs/Security/PHPFilterFunctionsSniff.php | 2 -- .../Sniffs/Security/ProperEscapingFunctionSniff.php | 2 -- .../Sniffs/Security/StaticStrreplaceSniff.php | 2 -- WordPressVIPMinimum/Sniffs/Security/TwigSniff.php | 2 -- WordPressVIPMinimum/Sniffs/Security/UnderscorejsSniff.php | 2 -- WordPressVIPMinimum/Sniffs/Security/VuejsSniff.php | 2 -- WordPressVIPMinimum/Sniffs/Sniff.php | 2 -- .../Sniffs/UserExperience/AdminBarRemovalSniff.php | 4 +--- .../Sniffs/Variables/RestrictedVariablesSniff.php | 4 +--- .../Sniffs/Variables/ServerVariablesSniff.php | 2 -- .../Tests/Classes/DeclarationCompatibilityUnitTest.php | 2 -- .../Tests/Classes/RestrictedExtendClassesUnitTest.php | 2 -- .../Tests/Constants/ConstantStringUnitTest.php | 2 -- .../Tests/Constants/RestrictedConstantsUnitTest.php | 2 -- WordPressVIPMinimum/Tests/Files/IncludingFileUnitTest.php | 2 -- .../Tests/Files/IncludingNonPHPFileUnitTest.php | 2 -- .../Tests/Functions/CheckReturnValueUnitTest.php | 2 -- .../Tests/Functions/DynamicCallsUnitTest.php | 2 -- .../Tests/Functions/RestrictedFunctionsUnitTest.php | 2 -- WordPressVIPMinimum/Tests/Functions/StripTagsUnitTest.php | 2 -- .../Tests/Hooks/AlwaysReturnInFilterUnitTest.php | 2 -- WordPressVIPMinimum/Tests/Hooks/PreGetPostsUnitTest.php | 2 -- WordPressVIPMinimum/Tests/Hooks/RestrictedHooksUnitTest.php | 2 -- .../Tests/JS/DangerouslySetInnerHTMLUnitTest.php | 2 -- .../Tests/JS/HTMLExecutingFunctionsUnitTest.php | 2 -- WordPressVIPMinimum/Tests/JS/InnerHTMLUnitTest.php | 2 -- WordPressVIPMinimum/Tests/JS/StringConcatUnitTest.php | 2 -- WordPressVIPMinimum/Tests/JS/StrippingTagsUnitTest.php | 2 -- WordPressVIPMinimum/Tests/JS/WindowUnitTest.php | 2 -- .../Tests/Performance/CacheValueOverrideUnitTest.php | 2 -- .../Tests/Performance/FetchingRemoteDataUnitTest.php | 2 -- .../Tests/Performance/LowExpiryCacheTimeUnitTest.php | 2 -- WordPressVIPMinimum/Tests/Performance/NoPagingUnitTest.php | 4 +--- .../Tests/Performance/OrderByRandUnitTest.php | 4 +--- .../Tests/Performance/RegexpCompareUnitTest.php | 2 -- .../Tests/Performance/RemoteRequestTimeoutUnitTest.php | 2 -- .../Tests/Performance/TaxonomyMetaInOptionsUnitTest.php | 2 -- .../Tests/Performance/WPQueryParamsUnitTest.php | 2 -- .../Tests/Security/EscapingVoidReturnFunctionsUnitTest.php | 2 -- .../Tests/Security/ExitAfterRedirectUnitTest.php | 2 -- WordPressVIPMinimum/Tests/Security/MustacheUnitTest.php | 2 -- .../Tests/Security/PHPFilterFunctionsUnitTest.php | 2 -- .../Tests/Security/ProperEscapingFunctionUnitTest.php | 2 -- .../Tests/Security/StaticStrreplaceUnitTest.php | 2 -- WordPressVIPMinimum/Tests/Security/TwigUnitTest.php | 2 -- WordPressVIPMinimum/Tests/Security/UnderscorejsUnitTest.php | 2 -- WordPressVIPMinimum/Tests/Security/VuejsUnitTest.php | 2 -- .../Tests/UserExperience/AdminBarRemovalUnitTest.php | 4 +--- .../Tests/Variables/RestrictedVariablesUnitTest.php | 6 ++---- .../Tests/Variables/ServerVariablesUnitTest.php | 2 -- 81 files changed, 9 insertions(+), 171 deletions(-) diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index f2651a80..a7c5da76 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -140,8 +140,6 @@ use PHP_CodeSniffer\Tests\Standards\AbstractSniffUnitTest; /** * Unit test class for the WP_Query params sniff. - * - * @package VIPCS\WordPressVIPMinimum */ class WPQueryParamsUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Sniffs/AbstractVariableRestrictionsSniff.php b/WordPressVIPMinimum/Sniffs/AbstractVariableRestrictionsSniff.php index ebbfc97f..06b61bfb 100644 --- a/WordPressVIPMinimum/Sniffs/AbstractVariableRestrictionsSniff.php +++ b/WordPressVIPMinimum/Sniffs/AbstractVariableRestrictionsSniff.php @@ -18,8 +18,6 @@ * Restricts usage of some variables. * * Originally part of WordPress Coding Standards repo. - * - * @package VIPCS\WordPressVIPMinimum */ abstract class AbstractVariableRestrictionsSniff extends Sniff { diff --git a/WordPressVIPMinimum/Sniffs/Classes/DeclarationCompatibilitySniff.php b/WordPressVIPMinimum/Sniffs/Classes/DeclarationCompatibilitySniff.php index a1e80c97..712cacd0 100644 --- a/WordPressVIPMinimum/Sniffs/Classes/DeclarationCompatibilitySniff.php +++ b/WordPressVIPMinimum/Sniffs/Classes/DeclarationCompatibilitySniff.php @@ -14,8 +14,6 @@ /** * Class WordPressVIPMinimum_Sniffs_Classes_DeclarationCompatibilitySniff - * - * @package VIPCS\WordPressVIPMinimum */ class DeclarationCompatibilitySniff extends AbstractScopeSniff { diff --git a/WordPressVIPMinimum/Sniffs/Classes/RestrictedExtendClassesSniff.php b/WordPressVIPMinimum/Sniffs/Classes/RestrictedExtendClassesSniff.php index d57f9d57..a8b076a2 100644 --- a/WordPressVIPMinimum/Sniffs/Classes/RestrictedExtendClassesSniff.php +++ b/WordPressVIPMinimum/Sniffs/Classes/RestrictedExtendClassesSniff.php @@ -12,8 +12,6 @@ /** * WordPressVIPMinimum_Sniffs_Classes_RestrictedExtendClassesSniff. * - * @package VIPCS\WordPressVIPMinimum - * * @since 0.4.0 */ class RestrictedExtendClassesSniff extends AbstractClassRestrictionsSniff { diff --git a/WordPressVIPMinimum/Sniffs/Constants/ConstantStringSniff.php b/WordPressVIPMinimum/Sniffs/Constants/ConstantStringSniff.php index d0a2fb61..b2a8dafb 100644 --- a/WordPressVIPMinimum/Sniffs/Constants/ConstantStringSniff.php +++ b/WordPressVIPMinimum/Sniffs/Constants/ConstantStringSniff.php @@ -14,8 +14,6 @@ /** * Sniff for properly using constant name when checking whether a constant is defined. - * - * @package VIPCS\WordPressVIPMinimum */ class ConstantStringSniff extends Sniff { diff --git a/WordPressVIPMinimum/Sniffs/Constants/RestrictedConstantsSniff.php b/WordPressVIPMinimum/Sniffs/Constants/RestrictedConstantsSniff.php index b6507a2d..619c2631 100644 --- a/WordPressVIPMinimum/Sniffs/Constants/RestrictedConstantsSniff.php +++ b/WordPressVIPMinimum/Sniffs/Constants/RestrictedConstantsSniff.php @@ -13,8 +13,6 @@ /** * Restricts usage of some constants. - * - * @package VIPCS\WordPressVIPMinimum */ class RestrictedConstantsSniff extends Sniff { diff --git a/WordPressVIPMinimum/Sniffs/Files/IncludingFileSniff.php b/WordPressVIPMinimum/Sniffs/Files/IncludingFileSniff.php index 14fce7c9..f1bfc2db 100644 --- a/WordPressVIPMinimum/Sniffs/Files/IncludingFileSniff.php +++ b/WordPressVIPMinimum/Sniffs/Files/IncludingFileSniff.php @@ -14,8 +14,6 @@ * WordPressVIPMinimum_Sniffs_Files_IncludingFileSniff. * * Checks for custom variables, functions and constants, and external URLs used in file inclusion. - * - * @package VIPCS\WordPressVIPMinimum */ class IncludingFileSniff extends AbstractFunctionRestrictionsSniff { diff --git a/WordPressVIPMinimum/Sniffs/Files/IncludingNonPHPFileSniff.php b/WordPressVIPMinimum/Sniffs/Files/IncludingNonPHPFileSniff.php index 4b32b17c..ab32dc9f 100644 --- a/WordPressVIPMinimum/Sniffs/Files/IncludingNonPHPFileSniff.php +++ b/WordPressVIPMinimum/Sniffs/Files/IncludingNonPHPFileSniff.php @@ -15,8 +15,6 @@ * Ensure that non-PHP files are included via `file_get_contents()` instead of using `include/require[_once]`. * * This prevents potential PHP code embedded in those files from being automatically executed. - * - * @package VIPCS\WordPressVIPMinimum */ class IncludingNonPHPFileSniff extends Sniff { diff --git a/WordPressVIPMinimum/Sniffs/Functions/RestrictedFunctionsSniff.php b/WordPressVIPMinimum/Sniffs/Functions/RestrictedFunctionsSniff.php index c37a3ab9..505bc5a0 100644 --- a/WordPressVIPMinimum/Sniffs/Functions/RestrictedFunctionsSniff.php +++ b/WordPressVIPMinimum/Sniffs/Functions/RestrictedFunctionsSniff.php @@ -12,8 +12,6 @@ /** * Restricts usage of some functions in VIP context. - * - * @package VIPCS\WordPressVIPMinimum */ class RestrictedFunctionsSniff extends AbstractFunctionRestrictionsSniff { diff --git a/WordPressVIPMinimum/Sniffs/Functions/StripTagsSniff.php b/WordPressVIPMinimum/Sniffs/Functions/StripTagsSniff.php index 3e0280cc..cf29e454 100644 --- a/WordPressVIPMinimum/Sniffs/Functions/StripTagsSniff.php +++ b/WordPressVIPMinimum/Sniffs/Functions/StripTagsSniff.php @@ -12,8 +12,6 @@ /** * This sniff ensures proper tag stripping. * - * @package VIPCS\WordPressVIPMinimum - * * @since 0.4.0 */ class StripTagsSniff extends AbstractFunctionParameterSniff { diff --git a/WordPressVIPMinimum/Sniffs/Hooks/AlwaysReturnInFilterSniff.php b/WordPressVIPMinimum/Sniffs/Hooks/AlwaysReturnInFilterSniff.php index 4d80aad8..7bf70d9a 100644 --- a/WordPressVIPMinimum/Sniffs/Hooks/AlwaysReturnInFilterSniff.php +++ b/WordPressVIPMinimum/Sniffs/Hooks/AlwaysReturnInFilterSniff.php @@ -14,8 +14,6 @@ /** * This sniff validates that filters always return a value - * - * @package VIPCS\WordPressVIPMinimum */ class AlwaysReturnInFilterSniff extends Sniff { diff --git a/WordPressVIPMinimum/Sniffs/Hooks/PreGetPostsSniff.php b/WordPressVIPMinimum/Sniffs/Hooks/PreGetPostsSniff.php index 09ee720c..88d49e62 100644 --- a/WordPressVIPMinimum/Sniffs/Hooks/PreGetPostsSniff.php +++ b/WordPressVIPMinimum/Sniffs/Hooks/PreGetPostsSniff.php @@ -15,8 +15,6 @@ * This sniff validates a proper usage of pre_get_posts action callback. * * It looks for cases when the WP_Query object is being modified without checking for WP_Query::is_main_query(). - * - * @package VIPCS\WordPressVIPMinimum */ class PreGetPostsSniff extends Sniff { diff --git a/WordPressVIPMinimum/Sniffs/Hooks/RestrictedHooksSniff.php b/WordPressVIPMinimum/Sniffs/Hooks/RestrictedHooksSniff.php index 90c2c68f..d15dac7d 100644 --- a/WordPressVIPMinimum/Sniffs/Hooks/RestrictedHooksSniff.php +++ b/WordPressVIPMinimum/Sniffs/Hooks/RestrictedHooksSniff.php @@ -12,8 +12,6 @@ /** * This sniff restricts usage of some action and filter hooks. * - * @package VIPCS\WordPressVIPMinimum - * * @since 0.4.0 */ class RestrictedHooksSniff extends AbstractFunctionParameterSniff { diff --git a/WordPressVIPMinimum/Sniffs/JS/DangerouslySetInnerHTMLSniff.php b/WordPressVIPMinimum/Sniffs/JS/DangerouslySetInnerHTMLSniff.php index f2f5123a..ce68a775 100644 --- a/WordPressVIPMinimum/Sniffs/JS/DangerouslySetInnerHTMLSniff.php +++ b/WordPressVIPMinimum/Sniffs/JS/DangerouslySetInnerHTMLSniff.php @@ -14,8 +14,6 @@ * WordPressVIPMinimum_Sniffs_JS_DangerouslySetInnerHTMLSniff. * * Looks for instances of React's dangerouslySetInnerHMTL. - * - * @package VIPCS\WordPressVIPMinimum */ class DangerouslySetInnerHTMLSniff extends Sniff { diff --git a/WordPressVIPMinimum/Sniffs/JS/HTMLExecutingFunctionsSniff.php b/WordPressVIPMinimum/Sniffs/JS/HTMLExecutingFunctionsSniff.php index b0c60225..0a106f22 100644 --- a/WordPressVIPMinimum/Sniffs/JS/HTMLExecutingFunctionsSniff.php +++ b/WordPressVIPMinimum/Sniffs/JS/HTMLExecutingFunctionsSniff.php @@ -14,8 +14,6 @@ * WordPressVIPMinimum_Sniffs_JS_HTMLExecutingFunctions. * * Flags functions which are executing HTML passed to it. - * - * @package VIPCS\WordPressVIPMinimum */ class HTMLExecutingFunctionsSniff extends Sniff { diff --git a/WordPressVIPMinimum/Sniffs/JS/InnerHTMLSniff.php b/WordPressVIPMinimum/Sniffs/JS/InnerHTMLSniff.php index a46e3504..f35f9894 100644 --- a/WordPressVIPMinimum/Sniffs/JS/InnerHTMLSniff.php +++ b/WordPressVIPMinimum/Sniffs/JS/InnerHTMLSniff.php @@ -14,8 +14,6 @@ * WordPressVIPMinimum_Sniffs_JS_InnerHTMLSniff. * * Looks for instances of .innerHMTL. - * - * @package VIPCS\WordPressVIPMinimum */ class InnerHTMLSniff extends Sniff { diff --git a/WordPressVIPMinimum/Sniffs/JS/StringConcatSniff.php b/WordPressVIPMinimum/Sniffs/JS/StringConcatSniff.php index 06247d37..049b35c0 100644 --- a/WordPressVIPMinimum/Sniffs/JS/StringConcatSniff.php +++ b/WordPressVIPMinimum/Sniffs/JS/StringConcatSniff.php @@ -14,8 +14,6 @@ * WordPressVIPMinimum_Sniffs_JS_StringConcatSniff. * * Looks for HTML string concatenation. - * - * @package VIPCS\WordPressVIPMinimum */ class StringConcatSniff extends Sniff { diff --git a/WordPressVIPMinimum/Sniffs/JS/StrippingTagsSniff.php b/WordPressVIPMinimum/Sniffs/JS/StrippingTagsSniff.php index 86607d3e..88fef947 100644 --- a/WordPressVIPMinimum/Sniffs/JS/StrippingTagsSniff.php +++ b/WordPressVIPMinimum/Sniffs/JS/StrippingTagsSniff.php @@ -14,8 +14,6 @@ * WordPressVIPMinimum_Sniffs_JS_StrippingTagsSniff. * * Looks for incorrect way of stripping tags. - * - * @package VIPCS\WordPressVIPMinimum */ class StrippingTagsSniff extends Sniff { diff --git a/WordPressVIPMinimum/Sniffs/JS/WindowSniff.php b/WordPressVIPMinimum/Sniffs/JS/WindowSniff.php index 20e270d0..d54d5690 100644 --- a/WordPressVIPMinimum/Sniffs/JS/WindowSniff.php +++ b/WordPressVIPMinimum/Sniffs/JS/WindowSniff.php @@ -14,8 +14,6 @@ * WordPressVIPMinimum_Sniffs_JS_WindowSniff. * * Looks for instances of window properties that should be flagged. - * - * @package VIPCS\WordPressVIPMinimum */ class WindowSniff extends Sniff { diff --git a/WordPressVIPMinimum/Sniffs/Performance/CacheValueOverrideSniff.php b/WordPressVIPMinimum/Sniffs/Performance/CacheValueOverrideSniff.php index 01141511..8d39c1a2 100644 --- a/WordPressVIPMinimum/Sniffs/Performance/CacheValueOverrideSniff.php +++ b/WordPressVIPMinimum/Sniffs/Performance/CacheValueOverrideSniff.php @@ -12,8 +12,6 @@ /** * This sniff check whether a cached value is being overridden. - * - * @package VIPCS\WordPressVIPMinimum */ class CacheValueOverrideSniff extends Sniff { diff --git a/WordPressVIPMinimum/Sniffs/Performance/FetchingRemoteDataSniff.php b/WordPressVIPMinimum/Sniffs/Performance/FetchingRemoteDataSniff.php index b3387357..fab5eada 100644 --- a/WordPressVIPMinimum/Sniffs/Performance/FetchingRemoteDataSniff.php +++ b/WordPressVIPMinimum/Sniffs/Performance/FetchingRemoteDataSniff.php @@ -13,8 +13,6 @@ /** * Restricts usage of file_get_contents(). - * - * @package VIPCS\WordPressVIPMinimum */ class FetchingRemoteDataSniff extends Sniff { diff --git a/WordPressVIPMinimum/Sniffs/Performance/LowExpiryCacheTimeSniff.php b/WordPressVIPMinimum/Sniffs/Performance/LowExpiryCacheTimeSniff.php index 54f2b19c..cededb87 100644 --- a/WordPressVIPMinimum/Sniffs/Performance/LowExpiryCacheTimeSniff.php +++ b/WordPressVIPMinimum/Sniffs/Performance/LowExpiryCacheTimeSniff.php @@ -16,8 +16,6 @@ * * {@internal VIP uses the Memcached object cache implementation. {@link https://github.com/Automattic/wp-memcached}} * - * @package VIPCS\WordPressVIPMinimum - * * @since 0.4.0 */ class LowExpiryCacheTimeSniff extends AbstractFunctionParameterSniff { diff --git a/WordPressVIPMinimum/Sniffs/Performance/NoPagingSniff.php b/WordPressVIPMinimum/Sniffs/Performance/NoPagingSniff.php index 9fe38793..c751f021 100644 --- a/WordPressVIPMinimum/Sniffs/Performance/NoPagingSniff.php +++ b/WordPressVIPMinimum/Sniffs/Performance/NoPagingSniff.php @@ -16,9 +16,7 @@ * * @link https://docs.wpvip.com/technical-references/code-review/#no-limit-queries * - * @package VIPCS\WordPressVIPMinimum - * - * @since 0.5.0 + * @since 0.5.0 */ class NoPagingSniff extends AbstractArrayAssignmentRestrictionsSniff { diff --git a/WordPressVIPMinimum/Sniffs/Performance/OrderByRandSniff.php b/WordPressVIPMinimum/Sniffs/Performance/OrderByRandSniff.php index 69a324e8..2747b242 100644 --- a/WordPressVIPMinimum/Sniffs/Performance/OrderByRandSniff.php +++ b/WordPressVIPMinimum/Sniffs/Performance/OrderByRandSniff.php @@ -17,9 +17,7 @@ * * @link https://docs.wpvip.com/technical-references/code-review/vip-errors/#h-order-by-rand * - * @package VIPCS\WordPressVIPMinimum - * - * @since 0.5.0 + * @since 0.5.0 */ class OrderByRandSniff extends AbstractArrayAssignmentRestrictionsSniff { diff --git a/WordPressVIPMinimum/Sniffs/Performance/RegexpCompareSniff.php b/WordPressVIPMinimum/Sniffs/Performance/RegexpCompareSniff.php index f216d908..536bd1ee 100644 --- a/WordPressVIPMinimum/Sniffs/Performance/RegexpCompareSniff.php +++ b/WordPressVIPMinimum/Sniffs/Performance/RegexpCompareSniff.php @@ -12,8 +12,6 @@ /** * Flag REGEXP and NOT REGEXP in meta compare - * - * @package VIPCS\WordPressVIPMinimum */ class RegexpCompareSniff extends AbstractArrayAssignmentRestrictionsSniff { diff --git a/WordPressVIPMinimum/Sniffs/Performance/RemoteRequestTimeoutSniff.php b/WordPressVIPMinimum/Sniffs/Performance/RemoteRequestTimeoutSniff.php index e7fceaeb..072ba5af 100644 --- a/WordPressVIPMinimum/Sniffs/Performance/RemoteRequestTimeoutSniff.php +++ b/WordPressVIPMinimum/Sniffs/Performance/RemoteRequestTimeoutSniff.php @@ -11,8 +11,6 @@ /** * Flag use of a timeout of more than 3 seconds for remote requests. - * - * @package VIPCS\WordPressVIPMinimum */ class RemoteRequestTimeoutSniff extends AbstractArrayAssignmentRestrictionsSniff { diff --git a/WordPressVIPMinimum/Sniffs/Performance/TaxonomyMetaInOptionsSniff.php b/WordPressVIPMinimum/Sniffs/Performance/TaxonomyMetaInOptionsSniff.php index e47279a3..07607275 100644 --- a/WordPressVIPMinimum/Sniffs/Performance/TaxonomyMetaInOptionsSniff.php +++ b/WordPressVIPMinimum/Sniffs/Performance/TaxonomyMetaInOptionsSniff.php @@ -13,8 +13,6 @@ /** * Restricts the implementation of taxonomy term meta via options. - * - * @package VIPCS\WordPressVIPMinimum */ class TaxonomyMetaInOptionsSniff extends Sniff { diff --git a/WordPressVIPMinimum/Sniffs/Performance/WPQueryParamsSniff.php b/WordPressVIPMinimum/Sniffs/Performance/WPQueryParamsSniff.php index 301a9019..9cd0d5c8 100644 --- a/WordPressVIPMinimum/Sniffs/Performance/WPQueryParamsSniff.php +++ b/WordPressVIPMinimum/Sniffs/Performance/WPQueryParamsSniff.php @@ -14,8 +14,6 @@ * Flag suspicious WP_Query and get_posts params. * * @link https://docs.wpvip.com/technical-references/caching/uncached-functions/ - * - * @package VIPCS\WordPressVIPMinimum */ class WPQueryParamsSniff extends AbstractArrayAssignmentRestrictionsSniff { diff --git a/WordPressVIPMinimum/Sniffs/Security/EscapingVoidReturnFunctionsSniff.php b/WordPressVIPMinimum/Sniffs/Security/EscapingVoidReturnFunctionsSniff.php index 3b808d9e..6a6ba281 100644 --- a/WordPressVIPMinimum/Sniffs/Security/EscapingVoidReturnFunctionsSniff.php +++ b/WordPressVIPMinimum/Sniffs/Security/EscapingVoidReturnFunctionsSniff.php @@ -17,8 +17,6 @@ * * E.g. esc_html( _e( 'foo' ) ); * - * @package VIPCS\WordPressVIPMinimum - * * @uses \WordPressCS\WordPress\Helpers\PrintingFunctionsTrait::$customPrintingFunctions */ class EscapingVoidReturnFunctionsSniff extends Sniff { diff --git a/WordPressVIPMinimum/Sniffs/Security/ExitAfterRedirectSniff.php b/WordPressVIPMinimum/Sniffs/Security/ExitAfterRedirectSniff.php index 84aa9a01..3c90c315 100644 --- a/WordPressVIPMinimum/Sniffs/Security/ExitAfterRedirectSniff.php +++ b/WordPressVIPMinimum/Sniffs/Security/ExitAfterRedirectSniff.php @@ -13,8 +13,6 @@ /** * Require `exit;` being called after wp_redirect and wp_safe_redirect. - * - * @package VIPCS\WordPressVIPMinimum */ class ExitAfterRedirectSniff extends Sniff { diff --git a/WordPressVIPMinimum/Sniffs/Security/MustacheSniff.php b/WordPressVIPMinimum/Sniffs/Security/MustacheSniff.php index fc12e9f6..ac18f3c7 100644 --- a/WordPressVIPMinimum/Sniffs/Security/MustacheSniff.php +++ b/WordPressVIPMinimum/Sniffs/Security/MustacheSniff.php @@ -12,8 +12,6 @@ /** * Looks for instances of unescaped output for Mustache templating engine and Handlebars.js. - * - * @package VIPCS\WordPressVIPMinimum */ class MustacheSniff extends Sniff { diff --git a/WordPressVIPMinimum/Sniffs/Security/PHPFilterFunctionsSniff.php b/WordPressVIPMinimum/Sniffs/Security/PHPFilterFunctionsSniff.php index d8198118..e2907d9a 100644 --- a/WordPressVIPMinimum/Sniffs/Security/PHPFilterFunctionsSniff.php +++ b/WordPressVIPMinimum/Sniffs/Security/PHPFilterFunctionsSniff.php @@ -12,8 +12,6 @@ /** * This sniff ensures that proper sanitization is occurring when PHP's filter_* functions are used. * - * @package VIPCS\WordPressVIPMinimum - * * @since 0.4.0 */ class PHPFilterFunctionsSniff extends AbstractFunctionParameterSniff { diff --git a/WordPressVIPMinimum/Sniffs/Security/ProperEscapingFunctionSniff.php b/WordPressVIPMinimum/Sniffs/Security/ProperEscapingFunctionSniff.php index 1341e590..12ee05c7 100644 --- a/WordPressVIPMinimum/Sniffs/Security/ProperEscapingFunctionSniff.php +++ b/WordPressVIPMinimum/Sniffs/Security/ProperEscapingFunctionSniff.php @@ -15,8 +15,6 @@ /** * Checks whether proper escaping function is used. - * - * @package VIPCS\WordPressVIPMinimum */ class ProperEscapingFunctionSniff extends Sniff { diff --git a/WordPressVIPMinimum/Sniffs/Security/StaticStrreplaceSniff.php b/WordPressVIPMinimum/Sniffs/Security/StaticStrreplaceSniff.php index 7d754a5e..58e90e74 100644 --- a/WordPressVIPMinimum/Sniffs/Security/StaticStrreplaceSniff.php +++ b/WordPressVIPMinimum/Sniffs/Security/StaticStrreplaceSniff.php @@ -13,8 +13,6 @@ /** * Restricts usage of str_replace with all 3 params being static. - * - * @package VIPCS\WordPressVIPMinimum */ class StaticStrreplaceSniff extends Sniff { diff --git a/WordPressVIPMinimum/Sniffs/Security/TwigSniff.php b/WordPressVIPMinimum/Sniffs/Security/TwigSniff.php index 31cc8a91..fdc8f643 100644 --- a/WordPressVIPMinimum/Sniffs/Security/TwigSniff.php +++ b/WordPressVIPMinimum/Sniffs/Security/TwigSniff.php @@ -12,8 +12,6 @@ /** * Looks for instances of unescaped output for Twig templating engine. - * - * @package VIPCS\WordPressVIPMinimum */ class TwigSniff extends Sniff { diff --git a/WordPressVIPMinimum/Sniffs/Security/UnderscorejsSniff.php b/WordPressVIPMinimum/Sniffs/Security/UnderscorejsSniff.php index f76e773e..ecb40db2 100644 --- a/WordPressVIPMinimum/Sniffs/Security/UnderscorejsSniff.php +++ b/WordPressVIPMinimum/Sniffs/Security/UnderscorejsSniff.php @@ -14,8 +14,6 @@ /** * Looks for instances of unescaped output for Underscore.js templating engine. - * - * @package VIPCS\WordPressVIPMinimum */ class UnderscorejsSniff extends Sniff { diff --git a/WordPressVIPMinimum/Sniffs/Security/VuejsSniff.php b/WordPressVIPMinimum/Sniffs/Security/VuejsSniff.php index 60e50e9d..7f9d9e73 100644 --- a/WordPressVIPMinimum/Sniffs/Security/VuejsSniff.php +++ b/WordPressVIPMinimum/Sniffs/Security/VuejsSniff.php @@ -12,8 +12,6 @@ /** * Looks for instances of unescaped output for Twig templating engine. - * - * @package VIPCS\WordPressVIPMinimum */ class VuejsSniff extends Sniff { diff --git a/WordPressVIPMinimum/Sniffs/Sniff.php b/WordPressVIPMinimum/Sniffs/Sniff.php index 0f4c9c40..8a53228f 100644 --- a/WordPressVIPMinimum/Sniffs/Sniff.php +++ b/WordPressVIPMinimum/Sniffs/Sniff.php @@ -15,8 +15,6 @@ * Represents a WordPress\Sniff for sniffing VIP coding standards. * * Provides a bootstrap for the sniffs, to reduce code duplication. - * - * @package VIPCS\WordPressVIPMinimum */ abstract class Sniff extends WPCS_Sniff { } diff --git a/WordPressVIPMinimum/Sniffs/UserExperience/AdminBarRemovalSniff.php b/WordPressVIPMinimum/Sniffs/UserExperience/AdminBarRemovalSniff.php index 57571bf7..3db0aea6 100644 --- a/WordPressVIPMinimum/Sniffs/UserExperience/AdminBarRemovalSniff.php +++ b/WordPressVIPMinimum/Sniffs/UserExperience/AdminBarRemovalSniff.php @@ -19,9 +19,7 @@ * * @link https://docs.wpvip.com/technical-references/code-review/vip-warnings/#h-removing-the-admin-bar * - * @package VIPCS\WordPressVIPMinimum - * - * @since 0.5.0 + * @since 0.5.0 */ class AdminBarRemovalSniff extends AbstractFunctionParameterSniff { diff --git a/WordPressVIPMinimum/Sniffs/Variables/RestrictedVariablesSniff.php b/WordPressVIPMinimum/Sniffs/Variables/RestrictedVariablesSniff.php index d28f092e..65687642 100644 --- a/WordPressVIPMinimum/Sniffs/Variables/RestrictedVariablesSniff.php +++ b/WordPressVIPMinimum/Sniffs/Variables/RestrictedVariablesSniff.php @@ -14,9 +14,7 @@ /** * Restricts usage of some variables in VIP context. * - * @package VIPCS\WordPressVIPMinimum - * - * @since 0.5.0 + * @since 0.5.0 */ class RestrictedVariablesSniff extends AbstractVariableRestrictionsSniff { diff --git a/WordPressVIPMinimum/Sniffs/Variables/ServerVariablesSniff.php b/WordPressVIPMinimum/Sniffs/Variables/ServerVariablesSniff.php index d8c88c53..09f00bf9 100644 --- a/WordPressVIPMinimum/Sniffs/Variables/ServerVariablesSniff.php +++ b/WordPressVIPMinimum/Sniffs/Variables/ServerVariablesSniff.php @@ -12,8 +12,6 @@ /** * Restricts usage of some server variables. - * - * @package VIPCS\WordPressVIPMinimum */ class ServerVariablesSniff extends Sniff { diff --git a/WordPressVIPMinimum/Tests/Classes/DeclarationCompatibilityUnitTest.php b/WordPressVIPMinimum/Tests/Classes/DeclarationCompatibilityUnitTest.php index 1fb8cb67..1a6b89a7 100644 --- a/WordPressVIPMinimum/Tests/Classes/DeclarationCompatibilityUnitTest.php +++ b/WordPressVIPMinimum/Tests/Classes/DeclarationCompatibilityUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the DeclarationCompatibility sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Classes\DeclarationCompatibilitySniff */ class DeclarationCompatibilityUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/Classes/RestrictedExtendClassesUnitTest.php b/WordPressVIPMinimum/Tests/Classes/RestrictedExtendClassesUnitTest.php index 7f4912c5..51c1cf00 100644 --- a/WordPressVIPMinimum/Tests/Classes/RestrictedExtendClassesUnitTest.php +++ b/WordPressVIPMinimum/Tests/Classes/RestrictedExtendClassesUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the RestrictedExtendClasses sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Classes\RestrictedExtendClassesSniff */ class RestrictedExtendClassesUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/Constants/ConstantStringUnitTest.php b/WordPressVIPMinimum/Tests/Constants/ConstantStringUnitTest.php index f65342fc..f2cfe47d 100644 --- a/WordPressVIPMinimum/Tests/Constants/ConstantStringUnitTest.php +++ b/WordPressVIPMinimum/Tests/Constants/ConstantStringUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the ConstantString sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Constants\ConstantStringSniff */ class ConstantStringUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/Constants/RestrictedConstantsUnitTest.php b/WordPressVIPMinimum/Tests/Constants/RestrictedConstantsUnitTest.php index 33d59549..3c718f6b 100644 --- a/WordPressVIPMinimum/Tests/Constants/RestrictedConstantsUnitTest.php +++ b/WordPressVIPMinimum/Tests/Constants/RestrictedConstantsUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the ConstantRestrictions sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Constants\RestrictedConstantsSniff */ class RestrictedConstantsUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/Files/IncludingFileUnitTest.php b/WordPressVIPMinimum/Tests/Files/IncludingFileUnitTest.php index 68017835..4c4043b1 100644 --- a/WordPressVIPMinimum/Tests/Files/IncludingFileUnitTest.php +++ b/WordPressVIPMinimum/Tests/Files/IncludingFileUnitTest.php @@ -11,8 +11,6 @@ /** * Unit test class for the IncludingFile sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Files\IncludingFileSniff */ class IncludingFileUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/Files/IncludingNonPHPFileUnitTest.php b/WordPressVIPMinimum/Tests/Files/IncludingNonPHPFileUnitTest.php index 0822ad88..db025973 100644 --- a/WordPressVIPMinimum/Tests/Files/IncludingNonPHPFileUnitTest.php +++ b/WordPressVIPMinimum/Tests/Files/IncludingNonPHPFileUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the IncludingNonPHPFile sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Files\IncludingNonPHPFileSniff */ class IncludingNonPHPFileUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/Functions/CheckReturnValueUnitTest.php b/WordPressVIPMinimum/Tests/Functions/CheckReturnValueUnitTest.php index d86bea52..4e2aa5af 100644 --- a/WordPressVIPMinimum/Tests/Functions/CheckReturnValueUnitTest.php +++ b/WordPressVIPMinimum/Tests/Functions/CheckReturnValueUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the CheckReturnValue sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Functions\CheckReturnValueSniff */ class CheckReturnValueUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/Functions/DynamicCallsUnitTest.php b/WordPressVIPMinimum/Tests/Functions/DynamicCallsUnitTest.php index c98cc6e7..171f1122 100644 --- a/WordPressVIPMinimum/Tests/Functions/DynamicCallsUnitTest.php +++ b/WordPressVIPMinimum/Tests/Functions/DynamicCallsUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the DynamicCalls sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Functions\DynamicCallsSniff */ class DynamicCallsUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/Functions/RestrictedFunctionsUnitTest.php b/WordPressVIPMinimum/Tests/Functions/RestrictedFunctionsUnitTest.php index 35170b9b..e089d78e 100644 --- a/WordPressVIPMinimum/Tests/Functions/RestrictedFunctionsUnitTest.php +++ b/WordPressVIPMinimum/Tests/Functions/RestrictedFunctionsUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the RestrictedFunctions sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Functions\RestrictedFunctionsSniff */ class RestrictedFunctionsUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/Functions/StripTagsUnitTest.php b/WordPressVIPMinimum/Tests/Functions/StripTagsUnitTest.php index 40cdb485..3dfe3703 100644 --- a/WordPressVIPMinimum/Tests/Functions/StripTagsUnitTest.php +++ b/WordPressVIPMinimum/Tests/Functions/StripTagsUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the StripTags sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Functions\StripTagsSniff */ class StripTagsUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/Hooks/AlwaysReturnInFilterUnitTest.php b/WordPressVIPMinimum/Tests/Hooks/AlwaysReturnInFilterUnitTest.php index fdd7d05e..8576297e 100644 --- a/WordPressVIPMinimum/Tests/Hooks/AlwaysReturnInFilterUnitTest.php +++ b/WordPressVIPMinimum/Tests/Hooks/AlwaysReturnInFilterUnitTest.php @@ -13,8 +13,6 @@ /** * Unit test class for the Hooks/AlwaysReturn sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Hooks\AlwaysReturnInFilterSniff */ class AlwaysReturnInFilterUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/Hooks/PreGetPostsUnitTest.php b/WordPressVIPMinimum/Tests/Hooks/PreGetPostsUnitTest.php index 2ed915a6..363f3244 100644 --- a/WordPressVIPMinimum/Tests/Hooks/PreGetPostsUnitTest.php +++ b/WordPressVIPMinimum/Tests/Hooks/PreGetPostsUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the PreGetPosts sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Hooks\PreGetPostsSniff */ class PreGetPostsUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/Hooks/RestrictedHooksUnitTest.php b/WordPressVIPMinimum/Tests/Hooks/RestrictedHooksUnitTest.php index 9f3553c5..2f6172be 100644 --- a/WordPressVIPMinimum/Tests/Hooks/RestrictedHooksUnitTest.php +++ b/WordPressVIPMinimum/Tests/Hooks/RestrictedHooksUnitTest.php @@ -11,8 +11,6 @@ /** * Unit test class for the Filters/RestrictedHooks sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @since 0.4.0 * * @covers \WordPressVIPMinimum\Sniffs\Hooks\RestrictedHooksSniff diff --git a/WordPressVIPMinimum/Tests/JS/DangerouslySetInnerHTMLUnitTest.php b/WordPressVIPMinimum/Tests/JS/DangerouslySetInnerHTMLUnitTest.php index 4a568119..8f2ca838 100644 --- a/WordPressVIPMinimum/Tests/JS/DangerouslySetInnerHTMLUnitTest.php +++ b/WordPressVIPMinimum/Tests/JS/DangerouslySetInnerHTMLUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the HTML String concatenation in JS sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\JS\DangerouslySetInnerHTMLSniff */ class DangerouslySetInnerHTMLUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/JS/HTMLExecutingFunctionsUnitTest.php b/WordPressVIPMinimum/Tests/JS/HTMLExecutingFunctionsUnitTest.php index aa1836a3..269334a2 100644 --- a/WordPressVIPMinimum/Tests/JS/HTMLExecutingFunctionsUnitTest.php +++ b/WordPressVIPMinimum/Tests/JS/HTMLExecutingFunctionsUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the HTML executing JS functions sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\JS\HTMLExecutingFunctionsSniff */ class HTMLExecutingFunctionsUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/JS/InnerHTMLUnitTest.php b/WordPressVIPMinimum/Tests/JS/InnerHTMLUnitTest.php index 6fd4871c..20c01177 100644 --- a/WordPressVIPMinimum/Tests/JS/InnerHTMLUnitTest.php +++ b/WordPressVIPMinimum/Tests/JS/InnerHTMLUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the HTML String concatenation in JS sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\JS\InnerHTMLSniff */ class InnerHTMLUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/JS/StringConcatUnitTest.php b/WordPressVIPMinimum/Tests/JS/StringConcatUnitTest.php index 94ab2535..b252908a 100644 --- a/WordPressVIPMinimum/Tests/JS/StringConcatUnitTest.php +++ b/WordPressVIPMinimum/Tests/JS/StringConcatUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the HTML String concatenation in JS sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\JS\StringConcatSniff */ class StringConcatUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/JS/StrippingTagsUnitTest.php b/WordPressVIPMinimum/Tests/JS/StrippingTagsUnitTest.php index 45c73a1f..e93ba86a 100644 --- a/WordPressVIPMinimum/Tests/JS/StrippingTagsUnitTest.php +++ b/WordPressVIPMinimum/Tests/JS/StrippingTagsUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for incorrect HTML tags stripping approach in JS sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\JS\StrippingTagsSniff */ class StrippingTagsUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/JS/WindowUnitTest.php b/WordPressVIPMinimum/Tests/JS/WindowUnitTest.php index 283af2c5..32ed5cae 100644 --- a/WordPressVIPMinimum/Tests/JS/WindowUnitTest.php +++ b/WordPressVIPMinimum/Tests/JS/WindowUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the HTML String concatenation in JS sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\JS\WindowSniff */ class WindowUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/Performance/CacheValueOverrideUnitTest.php b/WordPressVIPMinimum/Tests/Performance/CacheValueOverrideUnitTest.php index e8eb7555..71f89f1f 100644 --- a/WordPressVIPMinimum/Tests/Performance/CacheValueOverrideUnitTest.php +++ b/WordPressVIPMinimum/Tests/Performance/CacheValueOverrideUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the CacheValueOverride sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Performance\CacheValueOverrideSniff */ class CacheValueOverrideUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/Performance/FetchingRemoteDataUnitTest.php b/WordPressVIPMinimum/Tests/Performance/FetchingRemoteDataUnitTest.php index 922d8d9c..05c27d4d 100644 --- a/WordPressVIPMinimum/Tests/Performance/FetchingRemoteDataUnitTest.php +++ b/WordPressVIPMinimum/Tests/Performance/FetchingRemoteDataUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the ExitAfterRedirect sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Performance\FetchingRemoteDataSniff */ class FetchingRemoteDataUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/Performance/LowExpiryCacheTimeUnitTest.php b/WordPressVIPMinimum/Tests/Performance/LowExpiryCacheTimeUnitTest.php index fa706edd..4a318383 100644 --- a/WordPressVIPMinimum/Tests/Performance/LowExpiryCacheTimeUnitTest.php +++ b/WordPressVIPMinimum/Tests/Performance/LowExpiryCacheTimeUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the LowExpiryCacheTime sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Performance\LowExpiryCacheTimeSniff */ class LowExpiryCacheTimeUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/Performance/NoPagingUnitTest.php b/WordPressVIPMinimum/Tests/Performance/NoPagingUnitTest.php index 6b358c4d..c5586e4c 100644 --- a/WordPressVIPMinimum/Tests/Performance/NoPagingUnitTest.php +++ b/WordPressVIPMinimum/Tests/Performance/NoPagingUnitTest.php @@ -12,9 +12,7 @@ /** * Unit test class for the NoPaging sniff. * - * @package VIPCS\WordPressVIPMinimum - * - * @since 0.5.0 + * @since 0.5.0 * * @covers \WordPressVIPMinimum\Sniffs\Performance\NoPagingSniff */ diff --git a/WordPressVIPMinimum/Tests/Performance/OrderByRandUnitTest.php b/WordPressVIPMinimum/Tests/Performance/OrderByRandUnitTest.php index e49bbcb6..a39fb4d8 100644 --- a/WordPressVIPMinimum/Tests/Performance/OrderByRandUnitTest.php +++ b/WordPressVIPMinimum/Tests/Performance/OrderByRandUnitTest.php @@ -12,9 +12,7 @@ /** * Unit test class for the OrderByRand sniff. * - * @package VIPCS\WordPressVIPMinimum - * - * @since 0.5.0 + * @since 0.5.0 * * @covers \WordPressVIPMinimum\Sniffs\Performance\OrderByRandSniff */ diff --git a/WordPressVIPMinimum/Tests/Performance/RegexpCompareUnitTest.php b/WordPressVIPMinimum/Tests/Performance/RegexpCompareUnitTest.php index a0b714d8..24e4ab6e 100644 --- a/WordPressVIPMinimum/Tests/Performance/RegexpCompareUnitTest.php +++ b/WordPressVIPMinimum/Tests/Performance/RegexpCompareUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the RegexpCompare sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Performance\RegexpCompareSniff */ class RegexpCompareUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/Performance/RemoteRequestTimeoutUnitTest.php b/WordPressVIPMinimum/Tests/Performance/RemoteRequestTimeoutUnitTest.php index b25e072d..09ac3150 100644 --- a/WordPressVIPMinimum/Tests/Performance/RemoteRequestTimeoutUnitTest.php +++ b/WordPressVIPMinimum/Tests/Performance/RemoteRequestTimeoutUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the RemoteRequestTimeout sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Performance\RemoteRequestTimeoutSniff */ class RemoteRequestTimeoutUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/Performance/TaxonomyMetaInOptionsUnitTest.php b/WordPressVIPMinimum/Tests/Performance/TaxonomyMetaInOptionsUnitTest.php index 5c64334f..dff27d68 100644 --- a/WordPressVIPMinimum/Tests/Performance/TaxonomyMetaInOptionsUnitTest.php +++ b/WordPressVIPMinimum/Tests/Performance/TaxonomyMetaInOptionsUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the TaxonomyMetaInOptions sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Performance\TaxonomyMetaInOptionsSniff */ class TaxonomyMetaInOptionsUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/Performance/WPQueryParamsUnitTest.php b/WordPressVIPMinimum/Tests/Performance/WPQueryParamsUnitTest.php index d1a2b4e7..a08be076 100644 --- a/WordPressVIPMinimum/Tests/Performance/WPQueryParamsUnitTest.php +++ b/WordPressVIPMinimum/Tests/Performance/WPQueryParamsUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the WP_Query params sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Performance\WPQueryParamsSniff */ class WPQueryParamsUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/Security/EscapingVoidReturnFunctionsUnitTest.php b/WordPressVIPMinimum/Tests/Security/EscapingVoidReturnFunctionsUnitTest.php index 5e039b73..52734c3f 100644 --- a/WordPressVIPMinimum/Tests/Security/EscapingVoidReturnFunctionsUnitTest.php +++ b/WordPressVIPMinimum/Tests/Security/EscapingVoidReturnFunctionsUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the EscapingVoidReturnFunctions sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Security\EscapingVoidReturnFunctionsSniff */ class EscapingVoidReturnFunctionsUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/Security/ExitAfterRedirectUnitTest.php b/WordPressVIPMinimum/Tests/Security/ExitAfterRedirectUnitTest.php index 1549c076..98ec88dd 100644 --- a/WordPressVIPMinimum/Tests/Security/ExitAfterRedirectUnitTest.php +++ b/WordPressVIPMinimum/Tests/Security/ExitAfterRedirectUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the ExitAfterRedirect sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Security\ExitAfterRedirectSniff */ class ExitAfterRedirectUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/Security/MustacheUnitTest.php b/WordPressVIPMinimum/Tests/Security/MustacheUnitTest.php index 001c88cf..2c441539 100644 --- a/WordPressVIPMinimum/Tests/Security/MustacheUnitTest.php +++ b/WordPressVIPMinimum/Tests/Security/MustacheUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the unescaped output in Mustache templating engine. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Security\MustacheSniff */ class MustacheUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/Security/PHPFilterFunctionsUnitTest.php b/WordPressVIPMinimum/Tests/Security/PHPFilterFunctionsUnitTest.php index edc3333f..dae998cc 100644 --- a/WordPressVIPMinimum/Tests/Security/PHPFilterFunctionsUnitTest.php +++ b/WordPressVIPMinimum/Tests/Security/PHPFilterFunctionsUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the WP_Query params sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Security\PHPFilterFunctionsSniff */ class PHPFilterFunctionsUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/Security/ProperEscapingFunctionUnitTest.php b/WordPressVIPMinimum/Tests/Security/ProperEscapingFunctionUnitTest.php index 70af9cda..1a7d9fc5 100644 --- a/WordPressVIPMinimum/Tests/Security/ProperEscapingFunctionUnitTest.php +++ b/WordPressVIPMinimum/Tests/Security/ProperEscapingFunctionUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the ProperEscapingFunction sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Security\ProperEscapingFunctionSniff */ class ProperEscapingFunctionUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/Security/StaticStrreplaceUnitTest.php b/WordPressVIPMinimum/Tests/Security/StaticStrreplaceUnitTest.php index 2209a462..c67ff014 100644 --- a/WordPressVIPMinimum/Tests/Security/StaticStrreplaceUnitTest.php +++ b/WordPressVIPMinimum/Tests/Security/StaticStrreplaceUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the StaticStrreplace sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Security\StaticStrreplaceSniff */ class StaticStrreplaceUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/Security/TwigUnitTest.php b/WordPressVIPMinimum/Tests/Security/TwigUnitTest.php index 7d6c54c4..0c390843 100644 --- a/WordPressVIPMinimum/Tests/Security/TwigUnitTest.php +++ b/WordPressVIPMinimum/Tests/Security/TwigUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the unescaped output in Twig templating engine. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Security\TwigSniff */ class TwigUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/Security/UnderscorejsUnitTest.php b/WordPressVIPMinimum/Tests/Security/UnderscorejsUnitTest.php index b70cc8fe..28e5ed37 100644 --- a/WordPressVIPMinimum/Tests/Security/UnderscorejsUnitTest.php +++ b/WordPressVIPMinimum/Tests/Security/UnderscorejsUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the unescaped output in Underscore.js templating engine. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Security\UnderscorejsSniff */ class UnderscorejsUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/Security/VuejsUnitTest.php b/WordPressVIPMinimum/Tests/Security/VuejsUnitTest.php index d539d831..74c490f1 100644 --- a/WordPressVIPMinimum/Tests/Security/VuejsUnitTest.php +++ b/WordPressVIPMinimum/Tests/Security/VuejsUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the unescaped output in Vue.js templating engine. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Security\VuejsSniff */ class VuejsUnitTest extends AbstractSniffUnitTest { diff --git a/WordPressVIPMinimum/Tests/UserExperience/AdminBarRemovalUnitTest.php b/WordPressVIPMinimum/Tests/UserExperience/AdminBarRemovalUnitTest.php index 1c19641c..6fd137c6 100644 --- a/WordPressVIPMinimum/Tests/UserExperience/AdminBarRemovalUnitTest.php +++ b/WordPressVIPMinimum/Tests/UserExperience/AdminBarRemovalUnitTest.php @@ -12,9 +12,7 @@ /** * Unit test class for the AdminBarRemoval sniff. * - * @package VIPCS\WordPressVIPMinimum - * - * @since 0.5.0 + * @since 0.5.0 * * @covers \WordPressVIPMinimum\Sniffs\UserExperience\AdminBarRemovalSniff */ diff --git a/WordPressVIPMinimum/Tests/Variables/RestrictedVariablesUnitTest.php b/WordPressVIPMinimum/Tests/Variables/RestrictedVariablesUnitTest.php index 5feb1d8a..36b833b2 100644 --- a/WordPressVIPMinimum/Tests/Variables/RestrictedVariablesUnitTest.php +++ b/WordPressVIPMinimum/Tests/Variables/RestrictedVariablesUnitTest.php @@ -12,10 +12,8 @@ /** * Unit test class for the VIP_RestrictedVariables sniff. * - * @package WPCS\WordPressCodingStandards - * - * @since 0.3.0 - * @since 0.13.0 Class name changed: this class is now namespaced. + * @since 0.3.0 + * @since 0.13.0 Class name changed: this class is now namespaced. * * @covers \WordPressVIPMinimum\Sniffs\Variables\RestrictedVariablesSniff */ diff --git a/WordPressVIPMinimum/Tests/Variables/ServerVariablesUnitTest.php b/WordPressVIPMinimum/Tests/Variables/ServerVariablesUnitTest.php index 39678f40..d836a2c8 100644 --- a/WordPressVIPMinimum/Tests/Variables/ServerVariablesUnitTest.php +++ b/WordPressVIPMinimum/Tests/Variables/ServerVariablesUnitTest.php @@ -12,8 +12,6 @@ /** * Unit test class for the Variable Analysis sniff. * - * @package VIPCS\WordPressVIPMinimum - * * @covers \WordPressVIPMinimum\Sniffs\Variables\ServerVariablesSniff */ class ServerVariablesUnitTest extends AbstractSniffUnitTest { From a6b8113920433d68bf3c418425e985aa518f31f7 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Wed, 23 Aug 2023 20:32:40 +0200 Subject: [PATCH 36/42] Add PHPStan to QA checks PHPStan is a good addition to our QA toolkit and with improvements PHPStan has made over the years is now a viable tool for us to use (previously it would give way too many false positives). This commit: * Adds a separate job to the `basics` workflow in GH Actions. Notes: - I've chosen **not** to add PHPStan to the Composer dependencies for two reasons: 1. It doesn't allow for installation on PHP < 7.2, which would break/block the `composer install` for our test runs. 2. It would add dependencies which could conflict/cause problems for our test runs due to those defining token constants too. - We could potentially use [Phive](https://phar.io/) to still have a setup which can be used locally, but just running locally from a PHPStan PHAR file should work just fine. - For CI, PHPStan will be installed as a PHAR file by `setup-php` now. This does carry a risk _if_ PHPStan would make breaking changes or if a new release adds rules for the levels being scanned as, in that case, builds could unexpectedly start failing. We could fix the version `setup-php` action installs to the current release `1.10.30`, but that adds an additional maintenance burden of having to keep updating the version as PHPStan releases pretty often. So, for now, I've elected to run the risk of random failures. If and when those start happening, we can re-evaluate. - The PHP version for the CI run is set to PHP 7.4 to prevent PHPStan throwing some errors/notices related to the outdated PHPUnit version being used. * Adds a configuration file for PHPStan. Notes: - PHPStan needs to know about our dependencies (PHPCS et al), so I'm (re-)using the bootstrap file we have for our tests to load the PHPCS autoloader and register the standard with the PHPCS autoloader as we can't add an `autoload` directive to our `composer.json` file as it would cause problems with the PHPCS autoloader. - PHPStan flags type checks on properties with a documented type, while - especially for the `public` properties - we cannot always be sure the properties set will be of the correct type. For that reason, I've set `treatPhpDocTypesAsCertain` to `false` (which silences those notices). * Adds the configuration file to `.gitattributes` and the typical overload file for the configuration file to `.gitignore`. Refs: * https://phpstan.org/ * https://phpstan.org/config-reference --- .gitattributes | 1 + .github/workflows/basics.yml | 28 ++++++++++++++++++++++++++++ .gitignore | 1 + phpstan.neon.dist | 13 +++++++++++++ 4 files changed, 43 insertions(+) create mode 100644 phpstan.neon.dist diff --git a/.gitattributes b/.gitattributes index c6cded19..08338d53 100644 --- a/.gitattributes +++ b/.gitattributes @@ -8,6 +8,7 @@ /.gitattributes export-ignore /.gitignore export-ignore /.phpcs.xml.dist export-ignore +/phpstan.neon.dist export-ignore /phpunit.xml.dist export-ignore /.github export-ignore /bin export-ignore diff --git a/.github/workflows/basics.yml b/.github/workflows/basics.yml index 9ce6955c..7e616537 100644 --- a/.github/workflows/basics.yml +++ b/.github/workflows/basics.yml @@ -76,3 +76,31 @@ jobs: # At a later stage the documentation check can be activated. - name: Check sniff feature completeness run: composer feature-completeness + + phpstan: + name: "PHPStan" + + runs-on: "ubuntu-latest" + + steps: + - name: Checkout code + uses: actions/checkout@v3 + + - name: Install PHP + uses: shivammathur/setup-php@v2 + with: + php-version: '7.4' + coverage: none + tools: phpstan + + # Install dependencies and handle caching in one go. + # Dependencies need to be installed to make sure the PHPCS and PHPUnit classes are recognized. + # @link https://github.com/marketplace/actions/install-composer-dependencies + - name: Install Composer dependencies + uses: "ramsey/composer-install@v2" + with: + # Bust the cache at least once a month - output format: YYYY-MM. + custom-cache-suffix: $(date -u "+%Y-%m") + + - name: Run PHPStan + run: phpstan analyse diff --git a/.gitignore b/.gitignore index 4c8e37bd..8c5b8732 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,4 @@ phpcs.xml .phpcs.xml phpunit.xml phpcs.cache +phpstan.neon diff --git a/phpstan.neon.dist b/phpstan.neon.dist new file mode 100644 index 00000000..d6d59ff5 --- /dev/null +++ b/phpstan.neon.dist @@ -0,0 +1,13 @@ +parameters: + #phpVersion: 50400 # Needs to be 70100 or higher... sigh... + level: 5 + paths: + - WordPressVIPMinimum + - tests + bootstrapFiles: + - tests/bootstrap.php + scanDirectories: + - vendor/wp-coding-standards/wpcs/WordPress + treatPhpDocTypesAsCertain: false + + ignoreErrors: From 944874deb7ecd3d3cf93c39eb57ec608e48a7a24 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Thu, 24 Aug 2023 04:17:48 +0200 Subject: [PATCH 37/42] GH Actions: tweak the way the PHPCS/WPCS versions are set VIPCS now doesn't just have PHPCS and WPCS as dependencies for the sniffs and ruleset tests, but also PHPCSUtils, PHPCSExtra and VariableAnalysis and for those last three, the different versions which may be supported are not (yet) taken into account. Now, it could be argued that every single combination of the different versions of each of these dependencies should be tested, but that would make the matrix _huge_ to little added benefit. So, instead I'm proposing a slightly different strategy, which should still allow us to verify that things work correctly with enough confidence, while making the workflow maintenance less involved. The change I'm proposed in this commit takes advantage of the Composer `--prefer-lowest` option to achieve this. It basically sets the matrix up to test against a combination of all CS dependencies on their lowest supported version + on their stable/highest supported version. While at this time, the lowest and the stable versions are the same, this will not always be the case, so having the matrix set up this way allows for new releases of these CS dependencies automatically. In the original setup, the highest/stable version combi wasn't tested. Instead a combi using the `dev` version of the dependencies was used. To me, it makes sense to test against the `dev` versions as well, but I don't believe this needs to be done for the whole range of supported PHP versions. To that end, I've set up four extra jobs against select high/low PHP versions in the `test` workflow to test against a combination of all CS dependencies on their latest `dev` version. Note: I have not added the setup for testing against `dev` versions to the `quicktest` workflow. Also note that the workflows currently contain a toggle for installing the `lowest` versions with/without ignoring platform requirement. This toggle is needed for PHP 8.x due to the max supported PHPUnit version being PHPUnit 7.x. This toggle can be removed once upstream PR squizlabs/PHP_CodeSniffer 3803 has been merged. --- .github/workflows/quicktest.yml | 57 ++++++++++++++-------------- .github/workflows/test.yml | 66 ++++++++++++++++++++++++--------- 2 files changed, 77 insertions(+), 46 deletions(-) diff --git a/.github/workflows/quicktest.yml b/.github/workflows/quicktest.yml index 39f8bda0..6e692984 100644 --- a/.github/workflows/quicktest.yml +++ b/.github/workflows/quicktest.yml @@ -27,49 +27,30 @@ jobs: matrix: include: - php: '5.4' - phpcs_version: 'dev-master' - wpcs_version: '3.0.*' + dependencies: 'stable' - php: '5.4' - phpcs_version: '3.7.2' - wpcs_version: '3.0.*' + dependencies: 'lowest' - php: 'latest' - phpcs_version: 'dev-master' - wpcs_version: '3.0.*' + dependencies: 'stable' - php: 'latest' - phpcs_version: '3.7.2' - wpcs_version: '3.0.*' + dependencies: 'lowest' - name: "QTest${{ matrix.phpcs_version == 'dev-master' && ' + Lint' || '' }}: PHP ${{ matrix.php }} - PHPCS ${{ matrix.phpcs_version }}" + name: "QTest${{ matrix.dependencies == 'stable' && ' + Lint' || '' }}: PHP ${{ matrix.php }} - PHPCS ${{ matrix.dependencies }}" steps: - name: Checkout code uses: actions/checkout@v3 - # On stable PHPCS versions, allow for PHP deprecation notices. - # Unit tests don't need to fail on those for stable releases where those issues won't get fixed anymore. - - name: Setup ini config - id: set_ini - run: | - if [[ "${{ matrix.phpcs_version }}" != "dev-master" ]]; then - echo 'PHP_INI=error_reporting=E_ALL & ~E_DEPRECATED, display_errors=On' >> $GITHUB_OUTPUT - else - echo 'PHP_INI=error_reporting=-1, display_errors=On' >> $GITHUB_OUTPUT - fi - - name: Set up PHP uses: shivammathur/setup-php@v2 with: php-version: ${{ matrix.php }} - ini-values: ${{ steps.set_ini.outputs.PHP_INI }} + # With stable PHPCS dependencies, allow for PHP deprecation notices. + # Unit tests shouldn't fail on those for stable releases where those issues won't get fixed anymore. + ini-values: error_reporting=E_ALL & ~E_DEPRECATED, display_errors=On coverage: none - - name: 'Composer: set PHPCS version for tests' - run: composer require squizlabs/php_codesniffer:"${{ matrix.phpcs_version }}" --no-update --no-scripts --no-interaction - - - name: 'Composer: set WPCS version for tests' - run: composer require wp-coding-standards/wpcs:"${{ matrix.wpcs_version }}" --no-update --no-scripts --no-interaction - # Install dependencies and handle caching in one go. # @link https://github.com/marketplace/actions/install-composer-dependencies - name: Install Composer dependencies - normal @@ -88,11 +69,31 @@ jobs: composer-options: --ignore-platform-req=php+ custom-cache-suffix: $(date -u "+%Y-%m") + - name: "Composer: downgrade PHPCS dependencies for tests (lowest)" + if: ${{ matrix.php == '5.4' && matrix.dependencies == 'lowest' }} + run: > + composer update --prefer-lowest --no-scripts --no-interaction + squizlabs/php_codesniffer + phpcsstandards/phpcsutils + phpcsstandards/phpcsextra + sirbrillig/phpcs-variable-analysis + wp-coding-standards/wpcs + + - name: "Composer: downgrade PHPCS dependencies for tests (lowest) - with ignore platform" + if: ${{ matrix.php == 'latest' && matrix.dependencies == 'lowest' }} + run: > + composer update --prefer-lowest --no-scripts --no-interaction --ignore-platform-req=php+ + squizlabs/php_codesniffer + phpcsstandards/phpcsutils + phpcsstandards/phpcsextra + sirbrillig/phpcs-variable-analysis + wp-coding-standards/wpcs + - name: Display PHPCS installed standards run: ./vendor/bin/phpcs -i - name: Lint against parse errors - if: matrix.phpcs_version == 'dev-master' + if: matrix.dependencies == 'stable' run: ./bin/php-lint - name: Run the unit tests diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 142ce574..11c8127b 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -62,25 +62,31 @@ jobs: strategy: # Keys: # - php: The PHP versions to test against. - # - phpcs_version: The PHPCS versions to test against. + # - dependencies: The PHPCS dependencies versions to test against. # IMPORTANT: test runs shouldn't fail because of PHPCS being incompatible with a PHP version. # - PHPCS will run without errors on PHP 5.4 - 7.4 on any supported version. # - PHP 8.0 needs PHPCS 3.5.7+ to run without errors, and we require a higher minimum version. # - PHP 8.1 needs PHPCS 3.6.1+ to run without errors, but works best with 3.7.1+, and we require at least this minimum version. - # - The `wpcs_version` key is added to allow additional test builds when multiple WPCS versions - # would be supported. As, at this time, only the latest stable release of WPCS is supported, - # no additional versions are included in the array. matrix: php: ['5.4', '5.5', '5.6', '7.0', '7.1', '7.2', '7.3', '7.4', '8.0', '8.1', '8.2'] - phpcs_version: ['3.7.2', 'dev-master'] - wpcs_version: ['3.0.*'] + dependencies: ['lowest', 'stable'] include: + # Test against dev versions of all dependencies with select PHP versions for early detection of issues. + - php: '5.4' + dependencies: 'dev' + - php: '7.0' + dependencies: 'dev' + - php: '7.4' + dependencies: 'dev' + - php: '8.2' + dependencies: 'dev' + + # Test against upcoming PHP version. - php: '8.3' - phpcs_version: 'dev-master' - wpcs_version: '3.0.*' + dependencies: 'dev' - name: "Test: PHP ${{ matrix.php }} - PHPCS ${{ matrix.phpcs_version }} - WPCS ${{ matrix.wpcs_version }}" + name: "Test: PHP ${{ matrix.php }} - PHPCS ${{ matrix.dependencies }}" continue-on-error: ${{ matrix.php == '8.3' }} @@ -88,15 +94,15 @@ jobs: - name: Checkout code uses: actions/checkout@v3 - # On stable PHPCS versions, allow for PHP deprecation notices. + # With stable PHPCS dependencies, allow for PHP deprecation notices. # Unit tests don't need to fail on those for stable releases where those issues won't get fixed anymore. - name: Setup ini config id: set_ini run: | - if [[ "${{ matrix.phpcs_version }}" != "dev-master" ]]; then - echo 'PHP_INI=error_reporting=E_ALL & ~E_DEPRECATED' >> $GITHUB_OUTPUT + if [[ "${{ matrix.dependencies }}" != "dev" ]]; then + echo 'PHP_INI=error_reporting=E_ALL & ~E_DEPRECATED, display_errors=On' >> $GITHUB_OUTPUT else - echo 'PHP_INI=error_reporting=-1' >> $GITHUB_OUTPUT + echo 'PHP_INI=error_reporting=-1, display_errors=On' >> $GITHUB_OUTPUT fi - name: Install PHP @@ -106,11 +112,15 @@ jobs: ini-values: ${{ steps.set_ini.outputs.PHP_INI }} coverage: none - - name: 'Composer: set PHPCS version for tests' - run: composer require squizlabs/php_codesniffer:"${{ matrix.phpcs_version }}" --no-update --no-scripts --no-interaction - - - name: 'Composer: set WPCS version for tests' - run: composer require wp-coding-standards/wpcs:"${{ matrix.wpcs_version }}" --no-update --no-scripts --no-interaction + - name: "Composer: set PHPCS dependencies for tests (dev)" + if: ${{ matrix.dependencies == 'dev' }} + run: > + composer require --no-update --no-scripts --no-interaction + squizlabs/php_codesniffer:"dev-master" + phpcsstandards/phpcsutils:"dev-develop" + phpcsstandards/phpcsextra:"dev-develop" + sirbrillig/phpcs-variable-analysis:"2.x" + wp-coding-standards/wpcs:"dev-develop" # Install dependencies and handle caching in one go. # @link https://github.com/marketplace/actions/install-composer-dependencies @@ -130,6 +140,26 @@ jobs: composer-options: --ignore-platform-req=php+ custom-cache-suffix: $(date -u "+%Y-%m") + - name: "Composer: downgrade PHPCS dependencies for tests (lowest)" + if: ${{ ! startsWith( matrix.php, '8' ) && matrix.dependencies == 'lowest' }} + run: > + composer update --prefer-lowest --no-scripts --no-interaction + squizlabs/php_codesniffer + phpcsstandards/phpcsutils + phpcsstandards/phpcsextra + sirbrillig/phpcs-variable-analysis + wp-coding-standards/wpcs + + - name: "Composer: downgrade PHPCS dependencies for tests (lowest) - with ignore platform" + if: ${{ startsWith( matrix.php, '8' ) && matrix.dependencies == 'lowest' }} + run: > + composer update --prefer-lowest --no-scripts --no-interaction --ignore-platform-req=php+ + squizlabs/php_codesniffer + phpcsstandards/phpcsutils + phpcsstandards/phpcsextra + sirbrillig/phpcs-variable-analysis + wp-coding-standards/wpcs + - name: Run the unit tests run: ./bin/unit-tests From 22e31f708dd3c7b630e664dd130a5966dc6061f2 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Sat, 26 Aug 2023 04:03:03 +0200 Subject: [PATCH 38/42] Security/Mustache: prevent false positives on block editor templates As reported in 541#issuecomment-1692323177. This commit fixes the issue + adds a test to safeguard the fix. --- WordPressVIPMinimum/Sniffs/Security/MustacheSniff.php | 2 +- WordPressVIPMinimum/Tests/Security/MustacheUnitTest.inc | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/WordPressVIPMinimum/Sniffs/Security/MustacheSniff.php b/WordPressVIPMinimum/Sniffs/Security/MustacheSniff.php index ac18f3c7..b026b443 100644 --- a/WordPressVIPMinimum/Sniffs/Security/MustacheSniff.php +++ b/WordPressVIPMinimum/Sniffs/Security/MustacheSniff.php @@ -45,7 +45,7 @@ public function register() { */ public function process_token( $stackPtr ) { - if ( strpos( $this->tokens[ $stackPtr ]['content'], '{{{' ) !== false || strpos( $this->tokens[ $stackPtr ]['content'], '}}}' ) !== false ) { + if ( strpos( $this->tokens[ $stackPtr ]['content'], '{{{' ) !== false && strpos( $this->tokens[ $stackPtr ]['content'], '}}}' ) !== false ) { // Mustache unescaped output notation. $message = 'Found Mustache unescaped output notation: "{{{}}}".'; $this->phpcsFile->addWarning( $message, $stackPtr, 'OutputNotation' ); diff --git a/WordPressVIPMinimum/Tests/Security/MustacheUnitTest.inc b/WordPressVIPMinimum/Tests/Security/MustacheUnitTest.inc index 3e53d63e..12e2cb37 100644 --- a/WordPressVIPMinimum/Tests/Security/MustacheUnitTest.inc +++ b/WordPressVIPMinimum/Tests/Security/MustacheUnitTest.inc @@ -17,4 +17,7 @@ echo '{{&data}}'; // NOK: data. return new Handlebars.SafeString(result); // NOK: SafeString. }); - \ No newline at end of file + + +// Issue 541#issuecomment-1692323177: don't flag GB syntax. +
From 27582886ad93c2e090f48214e5c5ceeb8df5aa93 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Wed, 23 Aug 2023 04:46:23 +0200 Subject: [PATCH 39/42] Updates related to branch rename from master to main Closes 666 --- .github/CONTRIBUTING.md | 8 ++++---- .github/ISSUE_TEMPLATE/bug_report.md | 4 ++-- .github/ISSUE_TEMPLATE/release-template.md | 4 ++-- .github/workflows/quicktest.yml | 4 ++-- .github/workflows/test.yml | 4 ++-- 5 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index a7c5da76..4817e0d5 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -44,7 +44,7 @@ After `composer install`, you can do: ## Branches -Ongoing development will be done in feature branches then pulled against the `develop` branch and follows a typical _git-flow_ approach, where merges to `master` only happen when a new release is made. +Ongoing development will be done in feature branches then pulled against the `develop` branch and follows a typical _git-flow_ approach, where merges to `main` only happen when a new release is made. To contribute an improvement to this project, fork the repo and open a pull request to the relevant branch. Alternatively, if you have push access to this repo, create a feature branch prefixed by `fix/` (followed by the issue number) or `add/` and then open a PR from that branch to the default (`develop`) branch. @@ -199,9 +199,9 @@ When adding or changing a sniff, the ruleset test files should be updated to mat - In a `changelog/x.y.z` branch off of `develop`, update the `CHANGELOG.md` with a list of all of the changes following the keepachangelog.com format. Include PR references and GitHub username props. - Create a PR of `develop` <-- `changelog/x.y.z`, but do not merge until ready to release. -- Create a PR of `master` <-- `develop`, and copy-paste the [`release-template.md`](https://github.com/Automattic/VIP-Coding-Standards/blob/develop/.github/ISSUE_TEMPLATE/release-template.md) contents. -- When ready to release, merge the change log PR into `develop`, then merge the `develop` into `master` PR. -- Tag the commit in `master` with the appropriate version number. Ideally, have it signed. +- Create a PR of `main` <-- `develop`, and copy-paste the [`release-template.md`](https://github.com/Automattic/VIP-Coding-Standards/blob/develop/.github/ISSUE_TEMPLATE/release-template.md) contents. +- When ready to release, merge the change log PR into `develop`, then merge the `develop` into `main` PR. +- Tag the commit in `main` with the appropriate version number. Ideally, have it signed. - Close the current milestone. - Open a new milestone for the next release. - If any open PRs/issues which were milestoned for this release do not make it into the release, update their milestone. diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md index c089b1d2..5bfbcec3 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -53,7 +53,7 @@ Use `php -v` and `composer show` to get versions. -## Tested Against `master` branch? +## Tested Against `main` branch? -- [ ] I have verified the issue still exists in the `master` branch of VIPCS. +- [ ] I have verified the issue still exists in the `main` branch of VIPCS. - [ ] I have verified the issue still exists in the `develop` branch of VIPCS. diff --git a/.github/ISSUE_TEMPLATE/release-template.md b/.github/ISSUE_TEMPLATE/release-template.md index 026b6704..9ce956a0 100644 --- a/.github/ISSUE_TEMPLATE/release-template.md +++ b/.github/ISSUE_TEMPLATE/release-template.md @@ -13,11 +13,11 @@ assignees: GaryJones, rebeccahum PR for tracking changes for the X.Y.Z release. Target release date: DOW DD MMMM YYYY. -- [ ] Scan WordPress (or just wp-admin folder) with prior version and compare results against new release for potential new bugs. +- [ ] Scan WordPress (or just wp-admin folder) with prior version and compare results against new release for potential new bugs. - [ ] Add change log for this release: PR #XXX - [ ] Double-check whether any dependencies need bumping. - [ ] Merge this PR. -- [ ] Add signed release tag against `master`. +- [ ] Add signed release tag against `main`. - [ ] Close the current milestone. - [ ] Open a new milestone for the next release. - [ ] If any open PRs/issues which were milestoned for this release do not make it into the release, update their milestone. diff --git a/.github/workflows/quicktest.yml b/.github/workflows/quicktest.yml index 6e692984..becaac4c 100644 --- a/.github/workflows/quicktest.yml +++ b/.github/workflows/quicktest.yml @@ -1,10 +1,10 @@ name: Quicktest on: - # Run on pushes, including merges, to all branches except `master`. + # Run on pushes, including merges, to all branches except `main`. push: branches-ignore: - - master + - main paths-ignore: - '**.md' # Allow manually triggering the workflow. diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 11c8127b..cc5ed0a6 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -1,11 +1,11 @@ name: Test on: - # Run on pushes to `master` and on all pull requests. + # Run on pushes to `main` and on all pull requests. # Prevent the "push" build from running when there are only irrelevant changes. push: branches: - - master + - main paths-ignore: - '**.md' pull_request: From 60988b1bc66bc64d25f69b6a295371048f9c237c Mon Sep 17 00:00:00 2001 From: Gary Jones Date: Thu, 31 Aug 2023 16:06:01 +0100 Subject: [PATCH 40/42] PHPUnit: Use 7.5 schema --- .github/CONTRIBUTING.md | 2 +- phpunit.xml.dist | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index a7c5da76..5362c693 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -90,7 +90,7 @@ The easiest way to do this is to add a `phpunit.xml` file to the root of your VI Date: Thu, 31 Aug 2023 16:04:42 +0100 Subject: [PATCH 41/42] Docs: Update CONTRIBUTING.md --- .github/CONTRIBUTING.md | 98 +++++++++++++++++++++++++---------------- 1 file changed, 59 insertions(+), 39 deletions(-) diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index 4817e0d5..80aea921 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -17,11 +17,12 @@ Since VIPCS employs many sniffs that are part of PHPCS, and makes use of WordPre To determine where best to report the bug, use the first part of the sniff name: -Sniffname starts with | Report to +Sniff name starts with | Report to --- | --- `Generic` | [PHP_CodeSniffer](https://github.com/squizlabs/PHP_CodeSniffer/issues/) `PSR2` | [PHP_CodeSniffer](https://github.com/squizlabs/PHP_CodeSniffer/issues/) `Squiz` | [PHP_CodeSniffer](https://github.com/squizlabs/PHP_CodeSniffer/issues/) +`Universal` | [PHPCSExtra](https://github.com/PHPCSStandards/PHPCSExtra/issues/) `VariableAnalysis` | [VariableAnalysis](https://github.com/sirbrillig/phpcs-variable-analysis/issues/) `WordPress` | [WordPressCS](https://github.com/WordPress/WordPress-Coding-Standards/issues/) `WordPressVIPMinimum` | [VIPCS](https://github.com/Automattic/VIP-Coding-Standards/issues/) (this repo) @@ -112,47 +113,52 @@ The easiest way to do this is to add a `phpunit.xml` file to the root of your VI * To run the unit tests: ```sh - phpunit --filter WordPressVIPMinimum $PHPCS_DIR/tests/AllTests.php + composer test ``` Expected output: ``` PHPUnit 7.5.20 by Sebastian Bergmann and contributors. -.......................................... 42 / 42 (100%) +........................................ 40 / 40 (100%) -43 sniff test files generated 117 unique error codes; 0 were fixable (0%) +45 sniff test files generated 175 unique error codes; 0 were fixable (0%) -Time: 246 ms, Memory: 32.00 MB +Time: 150 ms, Memory: 20.00 MB + +OK (40 tests, 0 assertions) ``` ### Unit Testing conventions -If you look inside the `WordPressVIPMinimum/Tests` subdirectory, you'll see the structure mimics the `WordPressVIPMinimum/Sniffs` subdirectory structure. For example, the `WordPressVIPMinimum/Sniffs/VIP/WPQueryParams.php` sniff has its unit test class defined in `WordPressVIPMinimum/Tests/VIP/WPQueryParamsUnitTest.php` which checks the `WordPressVIPMinimum/Tests/VIP/WPQueryParamsUnitTest.inc` test case file. See the file naming convention? +If you look inside the `WordPressVIPMinimum/Tests` subdirectory, you'll see the structure mimics the `WordPressVIPMinimum/Sniffs` subdirectory structure. For example, the `WordPressVIPMinimum/Sniffs/Performance/WPQueryParams.php` sniff has its unit test class defined in `WordPressVIPMinimum/Tests/Performance/WPQueryParamsUnitTest.php` which checks the `WordPressVIPMinimum/Tests/Performance/WPQueryParamsUnitTest.inc` test case file. See the file naming convention? -Lets take a look at what's inside `WPQueryParamsUnitTest.php`: +Let's take a look at what's inside `WPQueryParamsUnitTest.php`: ```php ... -namespace WordPressVIPMinimum\Tests\VIP; +namespace WordPressVIPMinimum\Tests\Performance; use PHP_CodeSniffer\Tests\Standards\AbstractSniffUnitTest; /** * Unit test class for the WP_Query params sniff. + * + * @covers \WordPressVIPMinimum\Sniffs\Performance\WPQueryParamsSniff */ class WPQueryParamsUnitTest extends AbstractSniffUnitTest { /** * Returns the lines where errors should occur. * - * @return array => + * @return array Key is the line number, value is the number of expected errors. */ public function getErrorList() { - return array( + return [ 5 => 1, 17 => 1, - ); + 31 => 1, + ]; } ... ``` @@ -161,24 +167,35 @@ Also note the class name convention. The method `getErrorList()` MUST return an If you run: ```sh -$ cd /path-to-cloned/phpcs -$ ./bin/phpcs --standard=WordPressVIPMinimum -s --sniffs=WordPressVIPMinimum.VIP.WPQueryParams /path/to/WordPressVIPMinimum/Tests/VIP/WPQueryParamsUnitTest.inc -... -E 1 / 1 (100%) - - - -FILE: /path/to/vipcs/WordPressVIPMinimum/Tests/VIP/WPQueryParamsUnitTest.inc --------------------------------------------------------------------------------------------------------------------------------- -FOUND 2 ERRORS AND 2 WARNINGS AFFECTING 4 LINES --------------------------------------------------------------------------------------------------------------------------------- - 4 | WARNING | Using `post__not_in` should be done with caution. (WordPressVIPMinimum.VIP.WPQueryParams.post__not_in) - 5 | ERROR | Setting `suppress_filters` to `true` is probihited. - | | (WordPressVIPMinimum.VIP.WPQueryParams.suppressFiltersTrue) - 11 | WARNING | Using `post__not_in` should be done with caution. (WordPressVIPMinimum.VIP.WPQueryParams.post__not_in) - 17 | ERROR | Setting `suppress_filters` to `true` is probihited. - | | (WordPressVIPMinimum.VIP.WPQueryParams.suppressFiltersTrue) --------------------------------------------------------------------------------------------------------------------------------- +$ cd /path/to/vipcs +$ ./vendor/bin/phpcs --standard=WordPressVIPMinimum -s --sniffs=WordPressVIPMinimum.Performance.WPQueryParams WordPressVIPMinimum/Tests/Performance/WPQueryParamsUnitTest.inc + +FILE: /path/to/vipcs/WordPressVIPMinimum/Tests/Performance/WPQueryParamsUnitTest.inc +------------------------------------------------------------------------------------------------------------------------------------------------------ +FOUND 3 ERRORS AND 5 WARNINGS AFFECTING 8 LINES +------------------------------------------------------------------------------------------------------------------------------------------------------ + 4 | WARNING | Using exclusionary parameters, like post__not_in, in calls to get_posts() should be done with caution, see + | | https://wpvip.com/documentation/performance-improvements-by-removing-usage-of-post__not_in/ for more information. + | | (WordPressVIPMinimum.Performance.WPQueryParams.PostNotIn_post__not_in) + 5 | ERROR | Setting `suppress_filters` to `true` is prohibited. + | | (WordPressVIPMinimum.Performance.WPQueryParams.SuppressFilters_suppress_filters) + 11 | WARNING | Using exclusionary parameters, like post__not_in, in calls to get_posts() should be done with caution, see + | | https://wpvip.com/documentation/performance-improvements-by-removing-usage-of-post__not_in/ for more information. + | | (WordPressVIPMinimum.Performance.WPQueryParams.PostNotIn_post__not_in) + 17 | ERROR | Setting `suppress_filters` to `true` is prohibited. + | | (WordPressVIPMinimum.Performance.WPQueryParams.SuppressFilters_suppress_filters) + 21 | WARNING | Using exclusionary parameters, like exclude, in calls to get_posts() should be done with caution, see + | | https://wpvip.com/documentation/performance-improvements-by-removing-usage-of-post__not_in/ for more information. + | | (WordPressVIPMinimum.Performance.WPQueryParams.PostNotIn_exclude) + 29 | WARNING | Using exclusionary parameters, like exclude, in calls to get_posts() should be done with caution, see + | | https://wpvip.com/documentation/performance-improvements-by-removing-usage-of-post__not_in/ for more information. + | | (WordPressVIPMinimum.Performance.WPQueryParams.PostNotIn_exclude) + 30 | WARNING | Using exclusionary parameters, like exclude, in calls to get_posts() should be done with caution, see + | | https://wpvip.com/documentation/performance-improvements-by-removing-usage-of-post__not_in/ for more information. + | | (WordPressVIPMinimum.Performance.WPQueryParams.PostNotIn_exclude) + 31 | ERROR | Setting `suppress_filters` to `true` is prohibited. + | | (WordPressVIPMinimum.Performance.WPQueryParams.SuppressFilters_suppress_filters) +------------------------------------------------------------------------------------------------------------------------------------------------------ .... ``` You'll see the line number and number of ERRORs we need to return in the `getErrorList()` method. @@ -189,23 +206,26 @@ The `--sniffs=...` directive limits the output to the sniff you are testing. The ruleset tests, previously named here as _integration tests_, are our way of ensuring that _rulesets_ do check for the violations we expect them to. -An example where it might not would be when a ruleset references a local sniff or a sniff from upstream (WPCS or PHPCS), but that the violation code, sniff name or category name has changed. Without a ruleset test, this would go unnoticed. +An example where it might not would be when a ruleset references a local sniff or a sniff from upstream (WordPressCS or PHPCS), but that the violation code, sniff name or category name has changed. Without a ruleset test, this would go unnoticed. -The `composer check` or `composer test-ruleset` commands run the `ruleset-test.php` files (one for each standard), which internally run `phpcs` against the "dirty" test files (`ruleset-test.inc`), and looks out for a known number of errors, warnings, and messages on each line. This is then compared against the expected errors, warnings and messages to see if there are any missing or unexpected violations or difference in messages. +The `composer check` or `composer test-ruleset` commands run the `ruleset-test.php` files (one for each ruleset), which internally run `phpcs` against the "dirty" test files (`ruleset-test.inc`), and looks out for a known number of errors, warnings, and messages on each line. This is then compared against the expected errors, warnings, and messages to see if there are any missing or unexpected violations or difference in messages. When adding or changing a sniff, the ruleset test files should be updated to match. ## Releases -- In a `changelog/x.y.z` branch off of `develop`, update the `CHANGELOG.md` with a list of all of the changes following the keepachangelog.com format. Include PR references and GitHub username props. -- Create a PR of `develop` <-- `changelog/x.y.z`, but do not merge until ready to release. -- Create a PR of `main` <-- `develop`, and copy-paste the [`release-template.md`](https://github.com/Automattic/VIP-Coding-Standards/blob/develop/.github/ISSUE_TEMPLATE/release-template.md) contents. -- When ready to release, merge the change log PR into `develop`, then merge the `develop` into `main` PR. +- Create a `release/x.y.z` branch off of `develop`. +- In a `release/x.y.z-changelog` branch off of `release/x.y.z`, update the `CHANGELOG.md` with a list of all of the changes following the keepachangelog.com format. Include PR references and GitHub username props. +- Create a PR of `release/x.y.z` <-- `release/x.y.z-changelog`, but do not merge until ready to release. +- Create any other last-minute PRs as necessary, such as documentation updates, against the release branch. +- When ready to release, merge the changelog and other branches into `release/x.y.z`. +- Create a PR of `main` <-- `release/x.y.z`, and copy-paste the [`release-template.md`](https://github.com/Automattic/VIP-Coding-Standards/blob/develop/.github/ISSUE_TEMPLATE/release-template.md) contents. +- When ready to release, merge `release/x.y.z` into `main`. Undelete the release branch after merging. - Tag the commit in `main` with the appropriate version number. Ideally, have it signed. -- Close the current milestone. - Open a new milestone for the next release. - If any open PRs/issues which were milestoned for this release do not make it into the release, update their milestone. -- Write a Lobby post to inform VIP customers about the release, including the date when the Review Bot will be updated (usually about 1.5 weeks after the VIPCS release). +- Close the current milestone. +- Create a PR of `develop` <-- `release/x.y.z` and merge in when ready. +- Write a Lobby post to inform VIP customers about the release, including the date when the VIP Code Analysis Bot will be updated (usually about 2 weeks after the VIPCS release). - Write an internal P2 post. -- Open a PR to update the [Review Bot dependencies](https://github.com/Automattic/vip-go-ci/blob/master/tools-init.sh). - +- Open a PR to update the [VIP Code Analysis bot dependencies](https://github.com/Automattic/vip-go-ci/blob/master/tools-init.sh). From 1080d56178234c759fc2a80a258f8380e374d822 Mon Sep 17 00:00:00 2001 From: Gary Jones Date: Tue, 29 Aug 2023 17:58:55 +0100 Subject: [PATCH 42/42] 3.0.0: Add changelog --- CHANGELOG.md | 44 +++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 43 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ef4c4be9..1105bddb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,48 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). +## [3.0.0] - 2023-09-05 + +Props: @GaryJones, @jrfnl + +This release requires [WordPressCS 3.0.0](https://github.com/WordPress/WordPress-Coding-Standards/releases/tag/3.0.0). It is not compatible with WordPressCS 2.x. Users should read the [WordPressCS 3.0 upgrade guide for end-users](https://github.com/WordPress/WordPress-Coding-Standards/wiki/Upgrade-Guide-to-WordPressCS-3.0.0-for-ruleset-maintainers). + +Increases requirements for PHPCS from 3.7.1 to 3.7.2. + +The tagged releases branch is now `main` instead of `master`. + +### Added +- [#777](https://github.com/Automattic/VIP-Coding-Standards/pull/777): 3.0: start using PHPCSUtils. +- [#779](https://github.com/Automattic/VIP-Coding-Standards/pull/779): 3.0: support WordPressCS 3.0. + +## Changed +- [#780](https://github.com/Automattic/VIP-Coding-Standards/pull/780): Performance/WPQueryParams: defer to the parent sniff. + - Two error codes changed: + - `WordPressVIPMinimum.Performance.WPQueryParams.PostNotIn` is now `WordPressVIPMinimum.Performance.WPQueryParams.PostNotIn_post__not_in`. + - `WordPressVIPMinimum.Performance.WPQueryParams.SuppressFiltersTrue` is now `WordPressVIPMinimum.Performance.WPQueryParams.SuppressFilters_suppress_filters`. + +### Removed +- [#774](https://github.com/Automattic/VIP-Coding-Standards/pull/774): Performance/BatcacheWhitelistedParams: remove the sniff. +- [#775](https://github.com/Automattic/VIP-Coding-Standards/pull/775): Compatibility/Zoninator: remove the sniff. +- [#776](https://github.com/Automattic/VIP-Coding-Standards/pull/776): Variables/VariableAnalysis: remove the sniff. + +### Fixed +- [#784](https://github.com/Automattic/VIP-Coding-Standards/pull/784): Performance/WPQueryParams: prevent false positives for `'exclude'` with `get_users()`. +- [#788](https://github.com/Automattic/VIP-Coding-Standards/pull/788): Security/Mustache: prevent false positives on block editor templates. + +### Maintenance +- [#778](https://github.com/Automattic/VIP-Coding-Standards/pull/778): CS: improve use statements. +- [#781](https://github.com/Automattic/VIP-Coding-Standards/pull/781): Performance/NoPaging: add extra tests. +- [#782](https://github.com/Automattic/VIP-Coding-Standards/pull/782): GH Actions: minor tweaks to the composer options used. +- [#783](https://github.com/Automattic/VIP-Coding-Standards/pull/783): Hooks/AlwaysReturnInFilter: remove redundant condition. +- [#785](https://github.com/Automattic/VIP-Coding-Standards/pull/785): Docs: remove redundant `@package` tags. +- [#786](https://github.com/Automattic/VIP-Coding-Standards/pull/786): Add PHPStan to QA checks. +- [#787](https://github.com/Automattic/VIP-Coding-Standards/pull/787): GH Actions: tweak the way the PHPCS/WPCS versions are set. +- [#789](https://github.com/Automattic/VIP-Coding-Standards/pull/789): Updates related to branch rename from `master` to `main`. +- [#790](https://github.com/Automattic/VIP-Coding-Standards/pull/790): PHPUnit: Use 7.5 schema. +- [#791](https://github.com/Automattic/VIP-Coding-Standards/pull/791): Docs: Update `CONTRIBUTING.md`. + + ## [2.3.4] - 2023-07-05 Props: kshaner, GaryJones, jrfnl, yolih @@ -632,7 +674,7 @@ Initial release. Props: david-binda, pkevan. - +[3.0.0]: https://github.com/Automattic/VIP-Coding-Standards/compare/2.3.4...3.0.0 [2.3.4]: https://github.com/Automattic/VIP-Coding-Standards/compare/2.3.3...2.3.4 [2.3.3]: https://github.com/Automattic/VIP-Coding-Standards/compare/2.3.2...2.3.3 [2.3.2]: https://github.com/Automattic/VIP-Coding-Standards/compare/2.3.1...2.3.2