From dd9b56758c9547e5f000e7d517c31616b678407f Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 12 Sep 2023 18:10:44 +0200 Subject: [PATCH 01/40] Add dependabot configuration file This commit adds an initial Dependabot configuration to: * Submit pull requests for security updates and version updates for GH Action runner dependencies. At a later point in time, we could consider enabling it for Composer dependencies as well. The configuration has been set up to: * Run weekly (for now). * Submit a maximum of 5 pull requests at a time. If additional pull requests are needed, these will subsequently be submitted the next time Dependabot runs after one or more of the open pull requests have been merged. * The commit messages for PRs submitted by Dependabot will be prefixed according the unofficial conventions used in this repo up to now. * The PRs will automatically be labelled with an appropriate label as already in use in this repo. Refs: * https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file * https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#versioning-strategy --- .github/dependabot.yml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000000..97c58b7822 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,17 @@ +# Dependabot configuration. +# +# Please see the documentation for all configuration options: +# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates + +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + time: "09:00" + open-pull-requests-limit: 5 + commit-message: + prefix: "GH Actions:" + labels: + - "Type: Chores/Cleanup" From 991cf2169d294d96b6105c2ac43535d3c9803803 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Denis=20=C5=BDoljom?= Date: Thu, 14 Sep 2023 15:18:09 +0200 Subject: [PATCH 02/40] Fix the release date in the changelog --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2e9ca7edb4..7bfac3e701 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,7 +8,7 @@ This projects adheres to [Semantic Versioning](https://semver.org/) and [Keep a _No documentation available about unreleased changes as of yet._ -## [3.0.1] - 2023-09-13 +## [3.0.1] - 2023-09-14 ### Added From 82d5c916b13a6631c653987fd63b0d7db14b73e8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 14 Sep 2023 13:57:36 +0000 Subject: [PATCH 03/40] GH Actions: Bump actions/checkout from 3 to 4 Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/basic-qa.yml | 6 +++--- .github/workflows/quicktest.yml | 2 +- .github/workflows/unit-tests.yml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/basic-qa.yml b/.github/workflows/basic-qa.yml index 94432f31b5..97943efa21 100644 --- a/.github/workflows/basic-qa.yml +++ b/.github/workflows/basic-qa.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup PHP uses: shivammathur/setup-php@v2 @@ -104,7 +104,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set up PHP uses: shivammathur/setup-php@v2 @@ -174,7 +174,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Install PHP uses: shivammathur/setup-php@v2 diff --git a/.github/workflows/quicktest.yml b/.github/workflows/quicktest.yml index 52f0d3bb8d..182c24c1de 100644 --- a/.github/workflows/quicktest.yml +++ b/.github/workflows/quicktest.yml @@ -30,7 +30,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 # On stable PHPCS versions, allow for PHP deprecation notices. # Unit tests don't need to fail on those for stable releases where those issues won't get fixed anymore. diff --git a/.github/workflows/unit-tests.yml b/.github/workflows/unit-tests.yml index 384bfa226e..ab5f8f5b50 100644 --- a/.github/workflows/unit-tests.yml +++ b/.github/workflows/unit-tests.yml @@ -61,7 +61,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 # On stable PHPCS versions, allow for PHP deprecation notices. # Unit tests don't need to fail on those for stable releases where those issues won't get fixed anymore. From 25033a65262dc8874017d63eea46528260c8802d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Denis=20=C5=BDoljom?= Date: Mon, 18 Sep 2023 11:24:36 +0200 Subject: [PATCH 04/40] Add defensive coding to posts per page sniff and add tests The posts per page sniff should bail out early if empty string is passed as a value. The tests were added for both posts per page sniff and slow db query sniff, to check if empty string is passed as a value. In the case of SlowDBQuery the sniff should flag cases where there is and isn't a value passed, as that sniff will always flag whenever meta_key and meta_value are used in a query. --- WordPress/Sniffs/WP/PostsPerPageSniff.php | 4 ++++ WordPress/Tests/DB/SlowDBQueryUnitTest.inc | 4 ++++ WordPress/Tests/DB/SlowDBQueryUnitTest.php | 3 +++ WordPress/Tests/WP/PostsPerPageUnitTest.inc | 14 ++++++++++++++ 4 files changed, 25 insertions(+) diff --git a/WordPress/Sniffs/WP/PostsPerPageSniff.php b/WordPress/Sniffs/WP/PostsPerPageSniff.php index a3f8ce45a7..e2575cbd43 100644 --- a/WordPress/Sniffs/WP/PostsPerPageSniff.php +++ b/WordPress/Sniffs/WP/PostsPerPageSniff.php @@ -67,6 +67,10 @@ public function getGroups() { public function callback( $key, $val, $line, $group ) { $stripped_val = TextStrings::stripQuotes( $val ); + if ( '' === $stripped_val ) { + return false; + } + if ( $val !== $stripped_val ) { // The value was a text string. For text strings, we only accept purely numeric values. if ( preg_match( '`^[0-9]+$`', $stripped_val ) !== 1 ) { diff --git a/WordPress/Tests/DB/SlowDBQueryUnitTest.inc b/WordPress/Tests/DB/SlowDBQueryUnitTest.inc index fea1379591..883673d22e 100644 --- a/WordPress/Tests/DB/SlowDBQueryUnitTest.inc +++ b/WordPress/Tests/DB/SlowDBQueryUnitTest.inc @@ -21,3 +21,7 @@ $query = 'foo=bar&meta_key=foo&meta_value=bar'; if ( ! isset( $widget['params'][0] ) ) { $widget['params'][0] = array(); } + +$query = 'foo=bar&meta_key=&meta_value=bar'; +$query = 'foo=bar&meta_key=foo&meta_value='; +$query = 'foo=bar&meta_key=&meta_value='; diff --git a/WordPress/Tests/DB/SlowDBQueryUnitTest.php b/WordPress/Tests/DB/SlowDBQueryUnitTest.php index e0832726ae..46ba3204d1 100644 --- a/WordPress/Tests/DB/SlowDBQueryUnitTest.php +++ b/WordPress/Tests/DB/SlowDBQueryUnitTest.php @@ -44,6 +44,9 @@ public function getWarningList() { 15 => 1, 16 => 1, 19 => 2, + 25 => 2, + 26 => 2, + 27 => 2, ); } } diff --git a/WordPress/Tests/WP/PostsPerPageUnitTest.inc b/WordPress/Tests/WP/PostsPerPageUnitTest.inc index 7474ba6c3c..bb216bdfbd 100644 --- a/WordPress/Tests/WP/PostsPerPageUnitTest.inc +++ b/WordPress/Tests/WP/PostsPerPageUnitTest.inc @@ -124,3 +124,17 @@ $args = array( 'posts_per_page' => 75.0, // OK (75). 'posts_per_page' => 150.000, // Bad (150). ); + +$query = 'posts_per_page=' . (int) $_POST['limit']; // OK. + +$args = array( + 'posts_per_page' => '', // OK. +); + +_query_posts( 'nopaging=true&posts_per_page=' ); // OK. + +$query_args['posts_per_page'] = ''; // OK. + +$query_args[ + 'posts_per_page' +] = ''; // OK. From 1d95bdaabe3a31e024253cba29c2056c3e03fc78 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Thu, 21 Sep 2023 00:37:18 +0200 Subject: [PATCH 05/40] README: minor tweak Just noticed this didn't display as intended. --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 0175164c96..aeb68cd909 100644 --- a/README.md +++ b/README.md @@ -61,8 +61,8 @@ The WordPress Coding Standards package requires: * [Composer](https://getcomposer.org/) For the best results, it is recommended to also ensure the following additional PHP extensions are enabled: - - [iconv](https://www.php.net/book.iconv) - - [Multibyte String](https://www.php.net/book.mbstring) +- [iconv](https://www.php.net/book.iconv) +- [Multibyte String](https://www.php.net/book.mbstring) ## Installation From 9636f2bd0864f2bcfcae0e4480b016210b9bb22b Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 5 Sep 2023 10:34:27 +0200 Subject: [PATCH 06/40] IsUnitTestTrait: add new testcase as introduced in WP Core --- WordPress/Helpers/IsUnitTestTrait.php | 1 + 1 file changed, 1 insertion(+) diff --git a/WordPress/Helpers/IsUnitTestTrait.php b/WordPress/Helpers/IsUnitTestTrait.php index a6e3b36d32..0c9c77db13 100644 --- a/WordPress/Helpers/IsUnitTestTrait.php +++ b/WordPress/Helpers/IsUnitTestTrait.php @@ -87,6 +87,7 @@ trait IsUnitTestTrait { // Domain specific base test cases. 'WP_Ajax_UnitTestCase' => true, 'WP_Canonical_UnitTestCase' => true, + 'WP_Font_Face_UnitTestCase' => true, 'WP_Test_REST_Controller_Testcase' => true, 'WP_Test_REST_Post_Type_Controller_Testcase' => true, 'WP_Test_REST_TestCase' => true, From 2b961ed1e304d793c49a4d0036b6c8f284388393 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Demarle?= Date: Tue, 10 Oct 2023 22:18:10 +0200 Subject: [PATCH 07/40] Add sanitize_locale_name() to escaping functions and unslashing sanitizing functions --- WordPress/Helpers/EscapingFunctionsTrait.php | 1 + WordPress/Helpers/SanitizationHelperTrait.php | 17 +++++++++-------- 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/WordPress/Helpers/EscapingFunctionsTrait.php b/WordPress/Helpers/EscapingFunctionsTrait.php index 4ebff51396..3df484ff62 100644 --- a/WordPress/Helpers/EscapingFunctionsTrait.php +++ b/WordPress/Helpers/EscapingFunctionsTrait.php @@ -84,6 +84,7 @@ trait EscapingFunctionsTrait { 'sanitize_hex_color_no_hash' => true, 'sanitize_html_class' => true, 'sanitize_key' => true, + 'sanitize_locale_name' => true, 'sanitize_user_field' => true, 'tag_escape' => true, 'urlencode_deep' => true, diff --git a/WordPress/Helpers/SanitizationHelperTrait.php b/WordPress/Helpers/SanitizationHelperTrait.php index c041dfe5c1..18769f2b81 100644 --- a/WordPress/Helpers/SanitizationHelperTrait.php +++ b/WordPress/Helpers/SanitizationHelperTrait.php @@ -137,14 +137,15 @@ trait SanitizationHelperTrait { * @var array */ private $unslashingSanitizingFunctions = array( - 'absint' => true, - 'boolval' => true, - 'count' => true, - 'doubleval' => true, - 'floatval' => true, - 'intval' => true, - 'sanitize_key' => true, - 'sizeof' => true, + 'absint' => true, + 'boolval' => true, + 'count' => true, + 'doubleval' => true, + 'floatval' => true, + 'intval' => true, + 'sanitize_key' => true, + 'sanitize_locale_name' => true, + 'sizeof' => true, ); /** From 01a62b3af147893f6be72904748aa5ccb24bbf46 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Wed, 25 Oct 2023 14:05:01 +0200 Subject: [PATCH 08/40] Ruleset: update a URL Looks like this one was missed in previous update rounds (not that it is a valid URL anyway. --- WordPress-Extra/ruleset.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/WordPress-Extra/ruleset.xml b/WordPress-Extra/ruleset.xml index 6d32e45c65..54c2bd553e 100644 --- a/WordPress-Extra/ruleset.xml +++ b/WordPress-Extra/ruleset.xml @@ -42,7 +42,7 @@ + https://github.com/WordPress/WordPress-Coding-Standards/issues/1510 --> From 0bec4fac67466c00756434367db25c2951af8df6 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 14 Nov 2023 02:34:33 +0100 Subject: [PATCH 09/40] GH Actions: minor tweaks * Update a URL which is no longer valid. * Ensure all steps have a name. --- .github/workflows/basic-qa.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/basic-qa.yml b/.github/workflows/basic-qa.yml index 97943efa21..c0fc7eeee2 100644 --- a/.github/workflows/basic-qa.yml +++ b/.github/workflows/basic-qa.yml @@ -54,7 +54,8 @@ jobs: # Show XML violations inline in the file diff. # @link https://github.com/marketplace/actions/xmllint-problem-matcher - - uses: korelstar/xmllint-problem-matcher@v1 + - name: Enable showing XML issues inline + uses: korelstar/xmllint-problem-matcher@v1 - name: Check the code style of the PHP files id: phpcs @@ -185,7 +186,7 @@ jobs: # Install dependencies and handle caching in one go. # Dependencies need to be installed to make sure the PHPCS and PHPUnit classes are recognized. - # @link https://github.com/marketplace/actions/install-composer-dependencies + # @link https://github.com/marketplace/actions/install-php-dependencies-with-composer - name: Install Composer dependencies uses: "ramsey/composer-install@v2" with: From 4e4a2cf828071bdd5b0e8b58ecf8c77ee4adcb3a Mon Sep 17 00:00:00 2001 From: jrfnl Date: Thu, 23 Nov 2023 07:59:09 +0100 Subject: [PATCH 10/40] GH Actions: update for the release of PHP 8.3 ... which is expected later today. * Builds against PHP 8.3 are no longer allowed to fail. * Add _allowed to fail_ build against PHP 8.4. --- .github/workflows/unit-tests.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/unit-tests.yml b/.github/workflows/unit-tests.yml index ab5f8f5b50..3a4bde4397 100644 --- a/.github/workflows/unit-tests.yml +++ b/.github/workflows/unit-tests.yml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - php: [ '5.5', '5.6', '7.0', '7.1', '7.2', '7.3', '8.0', '8.1', '8.2', '8.3' ] + php: [ '5.5', '5.6', '7.0', '7.1', '7.2', '7.3', '8.0', '8.1', '8.2', '8.3', '8.4' ] phpcs_version: [ 'lowest', 'dev-master' ] extensions: [ '' ] coverage: [false] @@ -57,7 +57,7 @@ jobs: name: PHP ${{ matrix.php }} on PHPCS ${{ matrix.phpcs_version }} - continue-on-error: ${{ matrix.php == '8.3' }} + continue-on-error: ${{ matrix.php == '8.4' }} steps: - name: Checkout repository From 253a1fc99b6e3f16397c28db61f79f6e09096e9e Mon Sep 17 00:00:00 2001 From: jrfnl Date: Sun, 3 Dec 2023 17:00:22 +0100 Subject: [PATCH 11/40] Use two new sniffs from PHPCSExtra 1.2.0 PHPCSExtra 1.2.0 was released yesterday and contains two new sniffs which IMO would be suitable for adding to WordPressCS. Includes raising the minimum supported PHPCSExtra version. (will conflict with PR 2408 and will need rebase depending on which is merged first) Ref: * https://github.com/PHPCSStandards/PHPCSExtra/releases/tag/1.2.0 --- .github/CONTRIBUTING.md | 2 +- WordPress-Core/ruleset.xml | 3 +++ WordPress-Extra/ruleset.xml | 3 +++ composer.json | 2 +- 4 files changed, 8 insertions(+), 2 deletions(-) diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index e65dae451a..eed45e0227 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -41,7 +41,7 @@ When you introduce new `public` sniff properties, or your sniff extends a class * WordPress-Coding-Standards * PHP_CodeSniffer 3.7.2 or higher * PHPCSUtils 1.0.8 or higher -* PHPCSExtra 1.1.0 or higher +* PHPCSExtra 1.2.0 or higher * PHPUnit 4.x, 5.x, 6.x or 7.x The WordPress Coding Standards use the `PHP_CodeSniffer` native unit test framework for unit testing the sniffs. diff --git a/WordPress-Core/ruleset.xml b/WordPress-Core/ruleset.xml index c38349e5c4..5396b02134 100644 --- a/WordPress-Core/ruleset.xml +++ b/WordPress-Core/ruleset.xml @@ -869,6 +869,9 @@ + + + diff --git a/WordPress-Extra/ruleset.xml b/WordPress-Extra/ruleset.xml index 54c2bd553e..8a104c84ec 100644 --- a/WordPress-Extra/ruleset.xml +++ b/WordPress-Extra/ruleset.xml @@ -180,6 +180,9 @@ + + + diff --git a/CHANGELOG.md b/CHANGELOG.md index 7bfac3e701..6aacee386f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -97,7 +97,7 @@ In all cases, please read the complete changelog carefully before you upgrade. - The `sanitize_url()` and `wp_kses_one_attr()` functions to the list of known "sanitizing" functions. - Metrics for blank lines at the start/end of a control structure body to the `WordPress.WhiteSpace.ControlStructureSpacing` sniff. These can be displayed using `--report=info` when the `blank_line_check` property has been set to `true`. - End-user documentation to the following new and pre-existing sniffs: `WordPress.DateTime.RestrictedFunctions`, `WordPress.NamingConventions.PrefixAllGlobals` (props [@Ipstenu]), `WordPress.PHP.StrictInArray` (props [@marconmartins]), `WordPress.PHP.YodaConditions` (props [@Ipstenu]), `WordPress.WhiteSpace.ControlStructureSpacing` (props [@ckanitz]), `WordPress.WhiteSpace.ObjectOperatorSpacing`, `WordPress.WhiteSpace.OperatorSpacing` (props [@ckanitz]), `WordPress.WP.CapitalPDangit` (props [@NielsdeBlaauw]), `WordPress.WP.Capabilities`, `WordPress.WP.ClassNameCase`, `WordPress.WP.EnqueueResourceParameters` (props [@NielsdeBlaauw]). - This documentation can be exposed via the [`PHP_CodeSniffer` `--generator=...` command-line argument](https://github.com/squizlabs/PHP_CodeSniffer/wiki/Usage). + This documentation can be exposed via the [`PHP_CodeSniffer` `--generator=...` command-line argument](https://github.com/PHPCSStandards/PHP_CodeSniffer/wiki/Usage). Note: all sniffs which have been added from PHPCSExtra (Universal, Modernize, NormalizedArrays sniffs) are also fully documented. #### Added (internal/dev-only) @@ -454,7 +454,7 @@ The move does not affect the package name for Packagist. This remains the same: - `Sniff::get_list_variables()` utility method which will retrieve an array with the token pointers to the variables which are being assigned to in a `list()` construct. Includes support for short lists. - `Sniff::is_function_deprecated()` static utility method to determine whether a declared function has been marked as deprecated in the function DocBlock. - End-user documentation to the following existing sniffs: `WordPress.Arrays.ArrayIndentation`, `WordPress.Arrays.ArrayKeySpacingRestrictions`, `WordPress.Arrays.MultipleStatementAlignment`, `WordPress.Classes.ClassInstantiation`, `WordPress.NamingConventions.ValidHookName`, `WordPress.PHP.IniSet`, `WordPress.Security.SafeRedirect`, `WordPress.WhiteSpace.CastStructureSpacing`, `WordPress.WhiteSpace.DisallowInlineTabs`, `WordPress.WhiteSpace.PrecisionAlignment`, `WordPress.WP.CronInterval`, `WordPress.WP.DeprecatedClasses`, `WordPress.WP.DeprecatedFunctions`, `WordPress.WP.DeprecatedParameters`, `WordPress.WP.DeprecatedParameterValues`, `WordPress.WP.EnqueuedResources`, `WordPress.WP.PostsPerPage`. - This documentation can be exposed via the [`PHP_CodeSniffer` `--generator=...` command-line argument](https://github.com/squizlabs/PHP_CodeSniffer/wiki/Usage). + This documentation can be exposed via the [`PHP_CodeSniffer` `--generator=...` command-line argument](https://github.com/PHPCSStandards/PHP_CodeSniffer/wiki/Usage). ### Changed - The default value for `minimum_supported_wp_version`, as used by a [number of sniffs detecting usage of deprecated WP features](https://github.com/WordPress/WordPress-Coding-Standards/wiki/Customizable-sniff-properties#minimum-wp-version-to-check-for-usage-of-deprecated-functions-classes-and-function-parameters), has been updated to `5.0`. @@ -661,7 +661,7 @@ If you are a maintainer of an external standard based on WordPressCS and any of - `WordPress.NamingConventions.ValidVariableName`: Added unit tests confirming support for multi-variable/property declarations. - The `get_name_suggestion()` method has been moved from the `WordPress.NamingConventions.ValidFunctionName` sniff to the base `Sniff` class, renamed to `get_snake_case_name_suggestion()` and made static. - The rulesets are now validated against the `PHP_CodeSniffer` XSD schema. -- Updated the [custom ruleset example](https://github.com/WordPress/WordPress-Coding-Standards/blob/develop/phpcs.xml.dist.sample) to use the recommended ruleset syntax for `PHP_CodeSniffer` 3.3.1+, including using the new [array property format](https://github.com/squizlabs/PHP_CodeSniffer/releases/tag/3.3.0) which is now supported. +- Updated the [custom ruleset example](https://github.com/WordPress/WordPress-Coding-Standards/blob/develop/phpcs.xml.dist.sample) to use the recommended ruleset syntax for `PHP_CodeSniffer` 3.3.1+, including using the new [array property format](https://github.com/PHPCSStandards/PHP_CodeSniffer/releases/tag/3.3.0) which is now supported. - Dev: The command to run the unit tests has changed. Please see the updated instructions in the [CONTRIBUTING.md](https://github.com/WordPress/WordPress-Coding-Standards/blob/develop/.github/CONTRIBUTING.md) file. The `bin/pre-commit` example git hook has been updated to match. Additionally a `run-tests` script has been added to the `composer.json` file for your convenience. To facilitate this, PHPUnit has been added to `require-dev`, even though it is strictly speaking a dependency of PHPCS, not of WPCS. @@ -672,7 +672,7 @@ If you are a maintainer of an external standard based on WordPressCS and any of ### Deprecated - The use of the [WordPressCS native whitelist comments](https://github.com/WordPress/WordPress-Coding-Standards/wiki/Whitelisting-code-which-flags-errors), which were introduced in WPCS 0.4.0, have been deprecated and support will be removed in WPCS 3.0.0. The WordPressCS native whitelist comments will continue to work for now, but a deprecation warning will be thrown when they are encountered. - You are encouraged to upgrade our whitelist comment to use the [PHPCS native selective ignore annotations](https://github.com/squizlabs/PHP_CodeSniffer/releases/tag/3.2.0) as introduced in `PHP_CodeSniffer` 3.2.0, as soon as possible. + You are encouraged to upgrade our whitelist comment to use the [PHPCS native selective ignore annotations](https://github.com/PHPCSStandards/PHP_CodeSniffer/releases/tag/3.2.0) as introduced in `PHP_CodeSniffer` 3.2.0, as soon as possible. ### Removed - Support for PHP 5.3. PHP 5.4 is the minimum requirement for `PHP_CodeSniffer` 3.x. @@ -684,7 +684,7 @@ If you are a maintainer of an external standard based on WordPressCS and any of - Support for array properties set in a custom ruleset without the `type="array"` attribute. Support for this was deprecated in WPCS 1.0.0. If in doubt about how properties should be set in your custom ruleset, please refer to the [Customizable sniff properties](https://github.com/WordPress/WordPress-Coding-Standards/wiki/Customizable-sniff-properties) wiki page which contains XML code examples for setting each and every WPCS native sniff property. - As the minimum `PHP_CodeSniffer` version is now 3.3.1, you can now also use the [new format for setting array properties](https://github.com/squizlabs/PHP_CodeSniffer/releases/tag/3.3.0), so this would be a great moment to review and update your custom ruleset. + As the minimum `PHP_CodeSniffer` version is now 3.3.1, you can now also use the [new format for setting array properties](https://github.com/PHPCSStandards/PHP_CodeSniffer/releases/tag/3.3.0), so this would be a great moment to review and update your custom ruleset. Note: the ability to set select properties from the command-line as comma-delimited strings is _not_ affected by this change. - The following sniffs have been removed outright without deprecation. If you are referencing these sniffs in a ruleset XML file or in inline annotations, please update these to reference the replacement sniffs instead. @@ -985,10 +985,10 @@ If you are a maintainer of an external standard based on WPCS and any of your cu ### Fixed - Compatibility with PHP 7.3. A change in PHP 7.3 was causing the `WordPress.DB.RestrictedClasses`, `WordPress.DB.RestrictedFunctions` and the `WordPress.WP.AlternativeFunctions` sniffs to fail to correctly detect issues. -- Compatibility with the latest releases from [PHP_CodeSniffer](https://github.com/squizlabs/PHP_CodeSniffer). +- Compatibility with the latest releases from [PHP_CodeSniffer](https://github.com/PHPCSStandards/PHP_CodeSniffer). PHPCS 3.2.0 introduced new annotations which can be used inline to selectively disable/ignore certain sniffs. **Note**: The initial implementation of the new annotations was buggy. If you intend to start using these new style annotations, you are strongly advised to use PHPCS 3.3.0 or higher. - For more information about these annotations, please refer to the [PHPCS Wiki](https://github.com/squizlabs/PHP_CodeSniffer/wiki/Advanced-Usage#ignoring-parts-of-a-file). + For more information about these annotations, please refer to the [PHPCS Wiki](https://github.com/PHPCSStandards/PHP_CodeSniffer/wiki/Advanced-Usage#ignoring-parts-of-a-file). - The [WPCS native whitelist comments](https://github.com/WordPress/WordPress-Coding-Standards/wiki/Whitelisting-code-which-flags-errors) can now be combined with the new style PHPCS whitelist annotations in the `-- for reasons` part of the annotation. - `WordPress.Arrays.ArrayDeclarationSpacing`: the fixer will now handle the new style annotations correctly. - `WordPress.Arrays.CommaAfterArrayItem`: prevent a fixer loop when new style annotations are encountered. @@ -1221,7 +1221,7 @@ If you exclude some sniffs or error codes, you may have to update your custom ru Additionally, to make it easier for you to customize your ruleset, two new wiki pages have been published with information on the properties you can adjust from your ruleset: * [WPCS customizable sniff properties](https://github.com/WordPress/WordPress-Coding-Standards/wiki/Customizable-sniff-properties) -* [PHPCS customizable sniff properties](https://github.com/squizlabs/PHP_CodeSniffer/wiki/Customisable-Sniff-Properties) +* [PHPCS customizable sniff properties](https://github.com/PHPCSStandards/PHP_CodeSniffer/wiki/Customisable-Sniff-Properties) For more detailed information about the changed sniff names and error codes, please refer to PR [#633](https://github.com/WordPress/WordPress-Coding-Standards/pull/633) and PR [#814](https://github.com/WordPress/WordPress-Coding-Standards/pull/814). diff --git a/README.md b/README.md index f8023bdc96..6876f5cf1a 100644 --- a/README.md +++ b/README.md @@ -46,7 +46,7 @@ ## Introduction -This project is a collection of [PHP_CodeSniffer](https://github.com/squizlabs/PHP_CodeSniffer) rules (sniffs) to validate code developed for WordPress. It ensures code quality and adherence to coding conventions, especially the official [WordPress Coding Standards](https://make.wordpress.org/core/handbook/best-practices/coding-standards/). +This project is a collection of [PHP_CodeSniffer](https://github.com/PHPCSStandards/PHP_CodeSniffer) rules (sniffs) to validate code developed for WordPress. It ensures code quality and adherence to coding conventions, especially the official [WordPress Coding Standards](https://make.wordpress.org/core/handbook/best-practices/coding-standards/). This project needs funding. [Find out how you can help](#funding). @@ -133,7 +133,7 @@ If you need to further customize the selection of sniffs for your project - you When you name this file either `.phpcs.xml`, `phpcs.xml`, `.phpcs.xml.dist` or `phpcs.xml.dist`, PHP_CodeSniffer will automatically locate it as long as it is placed in the directory from which you run the CodeSniffer or in a directory above it. If you follow these naming conventions you don't have to supply a `--standard` CLI argument. -For more info, read about [using a default configuration file](https://github.com/squizlabs/PHP_CodeSniffer/wiki/Advanced-Usage#using-a-default-configuration-file). See also the provided WordPressCS [`phpcs.xml.dist.sample`](phpcs.xml.dist.sample) file and the [fully annotated example ruleset](https://github.com/squizlabs/PHP_CodeSniffer/wiki/Annotated-ruleset.xml) in the PHP_CodeSniffer documentation. +For more info, read about [using a default configuration file](https://github.com/PHPCSStandards/PHP_CodeSniffer/wiki/Advanced-Usage#using-a-default-configuration-file). See also the provided WordPressCS [`phpcs.xml.dist.sample`](phpcs.xml.dist.sample) file and the [fully annotated example ruleset](https://github.com/PHPCSStandards/PHP_CodeSniffer/wiki/Annotated-ruleset.xml) in the PHP_CodeSniffer documentation. ### Customizing sniff behaviour @@ -143,7 +143,7 @@ You can find a complete list of all the properties you can change for the WordPr WordPressCS also uses sniffs from PHPCSExtra and from PHP_CodeSniffer itself. The [README for PHPCSExtra](https://github.com/PHPCSStandards/PHPCSExtra) contains information on the properties which can be set for the sniff from PHPCSExtra. -Information on custom properties which can be set for sniffs from PHP_CodeSniffer can be found in the [PHP_CodeSniffer wiki](https://github.com/squizlabs/PHP_CodeSniffer/wiki/Customisable-Sniff-Properties). +Information on custom properties which can be set for sniffs from PHP_CodeSniffer can be found in the [PHP_CodeSniffer wiki](https://github.com/PHPCSStandards/PHP_CodeSniffer/wiki/Customisable-Sniff-Properties). ### Recommended additional rulesets diff --git a/Tests/bootstrap.php b/Tests/bootstrap.php index fd4c952893..fabe3a9ba2 100644 --- a/Tests/bootstrap.php +++ b/Tests/bootstrap.php @@ -25,7 +25,7 @@ */ // Get the PHPCS dir from an environment variable. $phpcsDir = getenv( 'PHPCS_DIR' ); -$composerPHPCSPath = dirname( __DIR__ ) . $ds . 'vendor' . $ds . 'squizlabs' . $ds . 'php_codesniffer'; +$composerPHPCSPath = dirname( __DIR__ ) . $ds . 'vendor' . $ds . 'phpcsstandards' . $ds . 'php_codesniffer'; if ( false === $phpcsDir && is_dir( $composerPHPCSPath ) ) { // PHPCS installed via Composer. diff --git a/WordPress-Core/ruleset.xml b/WordPress-Core/ruleset.xml index 5396b02134..8671caef58 100644 --- a/WordPress-Core/ruleset.xml +++ b/WordPress-Core/ruleset.xml @@ -1,5 +1,5 @@ - + Non-controversial generally-agreed upon WordPress Coding Standards diff --git a/WordPress-Docs/ruleset.xml b/WordPress-Docs/ruleset.xml index b351118584..c8b5969a96 100644 --- a/WordPress-Docs/ruleset.xml +++ b/WordPress-Docs/ruleset.xml @@ -1,5 +1,5 @@ - + WordPress Coding Standards for Inline Documentation and Comments diff --git a/WordPress-Extra/ruleset.xml b/WordPress-Extra/ruleset.xml index 8a104c84ec..8b065c7a1f 100644 --- a/WordPress-Extra/ruleset.xml +++ b/WordPress-Extra/ruleset.xml @@ -1,5 +1,5 @@ - + Best practices beyond core WordPress Coding Standards diff --git a/WordPress/Sniffs/NamingConventions/ValidVariableNameSniff.php b/WordPress/Sniffs/NamingConventions/ValidVariableNameSniff.php index 37171540cd..6202f2b5e3 100644 --- a/WordPress/Sniffs/NamingConventions/ValidVariableNameSniff.php +++ b/WordPress/Sniffs/NamingConventions/ValidVariableNameSniff.php @@ -29,7 +29,7 @@ * @since 2.0.0 Now offers name suggestions for variables in violation. * * Last synced with base class January 2022 at commit 4b49a952bf0e2c3863d0a113256bae0d7fe63d52. - * @link https://github.com/squizlabs/PHP_CodeSniffer/blob/master/src/Standards/Squiz/Sniffs/NamingConventions/ValidVariableNameSniff.php + * @link https://github.com/PHPCSStandards/PHP_CodeSniffer/blob/master/src/Standards/Squiz/Sniffs/NamingConventions/ValidVariableNameSniff.php */ final class ValidVariableNameSniff extends PHPCS_AbstractVariableSniff { diff --git a/WordPress/Sniffs/WhiteSpace/ControlStructureSpacingSniff.php b/WordPress/Sniffs/WhiteSpace/ControlStructureSpacingSniff.php index 11fecd6491..995216a564 100644 --- a/WordPress/Sniffs/WhiteSpace/ControlStructureSpacingSniff.php +++ b/WordPress/Sniffs/WhiteSpace/ControlStructureSpacingSniff.php @@ -26,7 +26,7 @@ * Last synced with base class 2021-11-20 at commit 7f11ffc8222b123c06345afd3261221561c3bb29. * Note: This class has diverged quite far from the original. All the same, checking occasionally * to see if there are upstream fixes made from which this sniff can benefit, is warranted. - * @link https://github.com/squizlabs/PHP_CodeSniffer/blob/master/src/Standards/Squiz/Sniffs/WhiteSpace/ControlStructureSpacingSniff.php + * @link https://github.com/PHPCSStandards/PHP_CodeSniffer/blob/master/src/Standards/Squiz/Sniffs/WhiteSpace/ControlStructureSpacingSniff.php */ final class ControlStructureSpacingSniff extends Sniff { diff --git a/WordPress/Sniffs/WhiteSpace/ObjectOperatorSpacingSniff.php b/WordPress/Sniffs/WhiteSpace/ObjectOperatorSpacingSniff.php index b54d3c421b..a832b4f2c6 100644 --- a/WordPress/Sniffs/WhiteSpace/ObjectOperatorSpacingSniff.php +++ b/WordPress/Sniffs/WhiteSpace/ObjectOperatorSpacingSniff.php @@ -20,7 +20,7 @@ * - When the `::` operator is used in `::class`, no new line(s) before or after the object operator are allowed. * * @since 3.0.0 - * @link https://github.com/squizlabs/PHP_CodeSniffer/blob/master/src/Standards/Squiz/Sniffs/WhiteSpace/ObjectOperatorSpacingSniff.php + * @link https://github.com/PHPCSStandards/PHP_CodeSniffer/blob/master/src/Standards/Squiz/Sniffs/WhiteSpace/ObjectOperatorSpacingSniff.php */ final class ObjectOperatorSpacingSniff extends Squiz_ObjectOperatorSpacingSniff { diff --git a/WordPress/Sniffs/WhiteSpace/OperatorSpacingSniff.php b/WordPress/Sniffs/WhiteSpace/OperatorSpacingSniff.php index 7824379588..2caa937df0 100644 --- a/WordPress/Sniffs/WhiteSpace/OperatorSpacingSniff.php +++ b/WordPress/Sniffs/WhiteSpace/OperatorSpacingSniff.php @@ -31,7 +31,7 @@ * @since 0.13.0 Class name changed: this class is now namespaced. * * Last verified with base class June 2023 at commit 085b1e091b0f2e451333c0bc26dd50bba39402c4. - * @link https://github.com/squizlabs/PHP_CodeSniffer/blob/master/CodeSniffer/Standards/Squiz/Sniffs/WhiteSpace/OperatorSpacingSniff.php + * @link https://github.com/PHPCSStandards/PHP_CodeSniffer/blob/master/CodeSniffer/Standards/Squiz/Sniffs/WhiteSpace/OperatorSpacingSniff.php */ final class OperatorSpacingSniff extends PHPCS_Squiz_OperatorSpacingSniff { diff --git a/WordPress/ruleset.xml b/WordPress/ruleset.xml index fd24ae6318..e1c7971418 100644 --- a/WordPress/ruleset.xml +++ b/WordPress/ruleset.xml @@ -1,5 +1,5 @@ - + WordPress Coding Standards diff --git a/composer.json b/composer.json index b6e8abd2f7..21d1a40c3c 100644 --- a/composer.json +++ b/composer.json @@ -21,7 +21,7 @@ "ext-libxml": "*", "ext-tokenizer": "*", "ext-xmlreader": "*", - "squizlabs/php_codesniffer": "^3.7.2", + "phpcsstandards/php_codesniffer": "^3.7.2", "phpcsstandards/phpcsutils": "^1.0.8", "phpcsstandards/phpcsextra": "^1.2.0" }, @@ -46,16 +46,16 @@ "@php ./vendor/php-parallel-lint/php-parallel-lint/parallel-lint . -e php --show-deprecated --exclude vendor --exclude .git" ], "check-cs": [ - "@php ./vendor/squizlabs/php_codesniffer/bin/phpcs" + "@php ./vendor/phpcsstandards/php_codesniffer/bin/phpcs" ], "fix-cs": [ - "@php ./vendor/squizlabs/php_codesniffer/bin/phpcbf" + "@php ./vendor/phpcsstandards/php_codesniffer/bin/phpcbf" ], "run-tests": [ - "@php ./vendor/phpunit/phpunit/phpunit --filter WordPress ./vendor/squizlabs/php_codesniffer/tests/AllTests.php --no-coverage" + "@php ./vendor/phpunit/phpunit/phpunit --filter WordPress ./vendor/phpcsstandards/php_codesniffer/tests/AllTests.php --no-coverage" ], "coverage": [ - "@php ./vendor/phpunit/phpunit/phpunit --filter WordPress ./vendor/squizlabs/php_codesniffer/tests/AllTests.php" + "@php ./vendor/phpunit/phpunit/phpunit --filter WordPress ./vendor/phpcsstandards/php_codesniffer/tests/AllTests.php" ], "check-complete": [ "@php ./vendor/phpcsstandards/phpcsdevtools/bin/phpcs-check-feature-completeness -q ./WordPress" diff --git a/phpcs.xml.dist.sample b/phpcs.xml.dist.sample index b1ddd44803..fa456b5813 100644 --- a/phpcs.xml.dist.sample +++ b/phpcs.xml.dist.sample @@ -1,12 +1,12 @@ - + A custom set of rules to check for a WPized WordPress project @@ -141,7 +141,7 @@ legitimate exclusion. For more information on ruleset configuration optiones, check out the PHPCS wiki: - https://github.com/squizlabs/PHP_CodeSniffer/wiki/Annotated-Ruleset + https://github.com/PHPCSStandards/PHP_CodeSniffer/wiki/Annotated-Ruleset --> /path/to/Tests/*Test\.php From 184db6677feb6d415d9a7f709fa382843413f5a5 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Thu, 7 Dec 2023 04:00:29 +0100 Subject: [PATCH 16/40] Revert changes to the Composer package name In contrast to earlier information, arrangements are now being made to allow the package to continue under its original name on Packagist. The commit (in the new repo) to rename the package [has been reverted](https://github.com/PHPCSStandards/PHP_CodeSniffer/pull/135). --- .github/workflows/basic-qa.yml | 10 +++++----- .github/workflows/quicktest.yml | 4 ++-- .github/workflows/unit-tests.yml | 4 ++-- Tests/bootstrap.php | 2 +- composer.json | 10 +++++----- 5 files changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/workflows/basic-qa.yml b/.github/workflows/basic-qa.yml index 9e35b8fc0b..c0fc7eeee2 100644 --- a/.github/workflows/basic-qa.yml +++ b/.github/workflows/basic-qa.yml @@ -39,7 +39,7 @@ jobs: # Using PHPCS `master` as an early detection system for bugs upstream. - name: Set PHPCS version - run: composer require phpcsstandards/php_codesniffer:"dev-master" --no-update --no-scripts --no-interaction + run: composer require squizlabs/php_codesniffer:"dev-master" --no-update --no-scripts --no-interaction - name: Install Composer dependencies uses: ramsey/composer-install@v2 @@ -68,10 +68,10 @@ jobs: # Validate the Ruleset XML files. # @link http://xmlsoft.org/xmllint.html - name: Validate the WordPress rulesets - run: xmllint --noout --schema vendor/phpcsstandards/php_codesniffer/phpcs.xsd ./*/ruleset.xml + run: xmllint --noout --schema vendor/squizlabs/php_codesniffer/phpcs.xsd ./*/ruleset.xml - name: Validate the sample ruleset - run: xmllint --noout --schema vendor/phpcsstandards/php_codesniffer/phpcs.xsd ./phpcs.xml.dist.sample + run: xmllint --noout --schema vendor/squizlabs/php_codesniffer/phpcs.xsd ./phpcs.xml.dist.sample # Validate the Documentation XML files. - name: Validate documentation against schema @@ -117,7 +117,7 @@ jobs: - name: "Set PHPCS version (master)" if: ${{ matrix.phpcs_version != 'lowest' }} - run: composer require phpcsstandards/php_codesniffer:"${{ matrix.phpcs_version }}" --no-update --no-scripts --no-interaction + run: composer require squizlabs/php_codesniffer:"${{ matrix.phpcs_version }}" --no-update --no-scripts --no-interaction - name: Install Composer dependencies uses: ramsey/composer-install@v2 @@ -128,7 +128,7 @@ jobs: - name: "Set PHPCS version (lowest)" if: ${{ matrix.phpcs_version == 'lowest' }} - run: composer update phpcsstandards/php_codesniffer --prefer-lowest --ignore-platform-req=php+ --no-scripts --no-interaction + run: composer update squizlabs/php_codesniffer --prefer-lowest --ignore-platform-req=php+ --no-scripts --no-interaction - name: Test the WordPress-Core ruleset run: $(pwd)/vendor/bin/phpcs -ps ./Tests/RulesetCheck/class-ruleset-test.inc --standard=WordPress-Core diff --git a/.github/workflows/quicktest.yml b/.github/workflows/quicktest.yml index bafa089b7e..182c24c1de 100644 --- a/.github/workflows/quicktest.yml +++ b/.github/workflows/quicktest.yml @@ -52,7 +52,7 @@ jobs: - name: "Set PHPCS version (master)" if: ${{ matrix.phpcs_version != 'lowest' }} - run: composer require phpcsstandards/php_codesniffer:"${{ matrix.phpcs_version }}" --no-update --no-scripts --no-interaction + run: composer require squizlabs/php_codesniffer:"${{ matrix.phpcs_version }}" --no-update --no-scripts --no-interaction - name: Install Composer dependencies (PHP < 8.0 ) if: ${{ matrix.php < 8.0 && matrix.php != 'latest' }} @@ -70,7 +70,7 @@ jobs: - name: "Set PHPCS version (lowest)" if: ${{ matrix.phpcs_version == 'lowest' }} - run: composer update phpcsstandards/php_codesniffer --prefer-lowest --ignore-platform-req=php+ --no-scripts --no-interaction + run: composer update squizlabs/php_codesniffer --prefer-lowest --ignore-platform-req=php+ --no-scripts --no-interaction - name: Lint PHP files against parse errors if: ${{ matrix.phpcs_version == 'dev-master' }} diff --git a/.github/workflows/unit-tests.yml b/.github/workflows/unit-tests.yml index 7108233cce..3a4bde4397 100644 --- a/.github/workflows/unit-tests.yml +++ b/.github/workflows/unit-tests.yml @@ -84,7 +84,7 @@ jobs: - name: "Set PHPCS version (master)" if: ${{ matrix.phpcs_version != 'lowest' }} - run: composer require phpcsstandards/php_codesniffer:"${{ matrix.phpcs_version }}" --no-update --no-scripts --no-interaction + run: composer require squizlabs/php_codesniffer:"${{ matrix.phpcs_version }}" --no-update --no-scripts --no-interaction - name: Install Composer dependencies (PHP < 8.0 ) if: ${{ matrix.php < 8.0 }} @@ -102,7 +102,7 @@ jobs: - name: "Set PHPCS version (lowest)" if: ${{ matrix.phpcs_version == 'lowest' }} - run: composer update phpcsstandards/php_codesniffer --prefer-lowest --ignore-platform-req=php+ --no-scripts --no-interaction + run: composer update squizlabs/php_codesniffer --prefer-lowest --ignore-platform-req=php+ --no-scripts --no-interaction - name: Lint PHP files against parse errors if: ${{ matrix.phpcs_version == 'dev-master' }} diff --git a/Tests/bootstrap.php b/Tests/bootstrap.php index fabe3a9ba2..fd4c952893 100644 --- a/Tests/bootstrap.php +++ b/Tests/bootstrap.php @@ -25,7 +25,7 @@ */ // Get the PHPCS dir from an environment variable. $phpcsDir = getenv( 'PHPCS_DIR' ); -$composerPHPCSPath = dirname( __DIR__ ) . $ds . 'vendor' . $ds . 'phpcsstandards' . $ds . 'php_codesniffer'; +$composerPHPCSPath = dirname( __DIR__ ) . $ds . 'vendor' . $ds . 'squizlabs' . $ds . 'php_codesniffer'; if ( false === $phpcsDir && is_dir( $composerPHPCSPath ) ) { // PHPCS installed via Composer. diff --git a/composer.json b/composer.json index 21d1a40c3c..b6e8abd2f7 100644 --- a/composer.json +++ b/composer.json @@ -21,7 +21,7 @@ "ext-libxml": "*", "ext-tokenizer": "*", "ext-xmlreader": "*", - "phpcsstandards/php_codesniffer": "^3.7.2", + "squizlabs/php_codesniffer": "^3.7.2", "phpcsstandards/phpcsutils": "^1.0.8", "phpcsstandards/phpcsextra": "^1.2.0" }, @@ -46,16 +46,16 @@ "@php ./vendor/php-parallel-lint/php-parallel-lint/parallel-lint . -e php --show-deprecated --exclude vendor --exclude .git" ], "check-cs": [ - "@php ./vendor/phpcsstandards/php_codesniffer/bin/phpcs" + "@php ./vendor/squizlabs/php_codesniffer/bin/phpcs" ], "fix-cs": [ - "@php ./vendor/phpcsstandards/php_codesniffer/bin/phpcbf" + "@php ./vendor/squizlabs/php_codesniffer/bin/phpcbf" ], "run-tests": [ - "@php ./vendor/phpunit/phpunit/phpunit --filter WordPress ./vendor/phpcsstandards/php_codesniffer/tests/AllTests.php --no-coverage" + "@php ./vendor/phpunit/phpunit/phpunit --filter WordPress ./vendor/squizlabs/php_codesniffer/tests/AllTests.php --no-coverage" ], "coverage": [ - "@php ./vendor/phpunit/phpunit/phpunit --filter WordPress ./vendor/phpcsstandards/php_codesniffer/tests/AllTests.php" + "@php ./vendor/phpunit/phpunit/phpunit --filter WordPress ./vendor/squizlabs/php_codesniffer/tests/AllTests.php" ], "check-complete": [ "@php ./vendor/phpcsstandards/phpcsdevtools/bin/phpcs-check-feature-completeness -q ./WordPress" From 7b03ef5a76e228720e13e140b50d1900dc15eb69 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 14 Nov 2023 02:41:53 +0100 Subject: [PATCH 17/40] Composer: raise the minimum supported PHPCS version to 3.8.0 ... for improved PHP 8.2 support. --- .github/CONTRIBUTING.md | 2 +- composer.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index 4200e0a275..dedbdbb9e0 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -39,7 +39,7 @@ When you introduce new `public` sniff properties, or your sniff extends a class ## Pre-requisites * WordPress-Coding-Standards -* PHP_CodeSniffer 3.7.2 or higher +* PHP_CodeSniffer 3.8.0 or higher * PHPCSUtils 1.0.8 or higher * PHPCSExtra 1.2.0 or higher * PHPUnit 4.x, 5.x, 6.x or 7.x diff --git a/composer.json b/composer.json index b6e8abd2f7..fbc394e69b 100644 --- a/composer.json +++ b/composer.json @@ -21,7 +21,7 @@ "ext-libxml": "*", "ext-tokenizer": "*", "ext-xmlreader": "*", - "squizlabs/php_codesniffer": "^3.7.2", + "squizlabs/php_codesniffer": "^3.8.0", "phpcsstandards/phpcsutils": "^1.0.8", "phpcsstandards/phpcsextra": "^1.2.0" }, From bf168c6cadf84f7744fd79394c4030c7d57e970e Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 14 Nov 2023 02:43:27 +0100 Subject: [PATCH 18/40] Composer: update various version constraints ... after the tooling has also updated to the PHPCSStandards version of PHPCS. Refs: * https://github.com/PHPCSStandards/PHPCSUtils/releases * https://github.com/PHPCSStandards/PHPCSExtra/releases --- .github/CONTRIBUTING.md | 4 ++-- composer.json | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index dedbdbb9e0..2eb61e5b9c 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -40,8 +40,8 @@ When you introduce new `public` sniff properties, or your sniff extends a class ## Pre-requisites * WordPress-Coding-Standards * PHP_CodeSniffer 3.8.0 or higher -* PHPCSUtils 1.0.8 or higher -* PHPCSExtra 1.2.0 or higher +* PHPCSUtils 1.0.9 or higher +* PHPCSExtra 1.2.1 or higher * PHPUnit 4.x, 5.x, 6.x or 7.x The WordPress Coding Standards use the `PHP_CodeSniffer` native unit test framework for unit testing the sniffs. diff --git a/composer.json b/composer.json index fbc394e69b..ef3e469b59 100644 --- a/composer.json +++ b/composer.json @@ -22,8 +22,8 @@ "ext-tokenizer": "*", "ext-xmlreader": "*", "squizlabs/php_codesniffer": "^3.8.0", - "phpcsstandards/phpcsutils": "^1.0.8", - "phpcsstandards/phpcsextra": "^1.2.0" + "phpcsstandards/phpcsutils": "^1.0.9", + "phpcsstandards/phpcsextra": "^1.2.1" }, "require-dev": { "phpcompatibility/php-compatibility": "^9.0", From 105a10cafc6b5c6e37d326b336daec06a7d2cc90 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Fri, 8 Dec 2023 19:29:17 +0100 Subject: [PATCH 19/40] DeprecatedFunctionsUnitTest: remove work-around for PHPCS bug ... as the bug is now fixed. --- WordPress/Tests/WP/DeprecatedFunctionsUnitTest.php | 5 ----- 1 file changed, 5 deletions(-) diff --git a/WordPress/Tests/WP/DeprecatedFunctionsUnitTest.php b/WordPress/Tests/WP/DeprecatedFunctionsUnitTest.php index f12b805780..b3e66f34b0 100644 --- a/WordPress/Tests/WP/DeprecatedFunctionsUnitTest.php +++ b/WordPress/Tests/WP/DeprecatedFunctionsUnitTest.php @@ -76,11 +76,6 @@ public function getErrorList() { $errors[361] ); - // Temporarily until PHPCS supports PHP 8.2. - if ( \PHP_VERSION_ID >= 80200 ) { - unset( $errors[360] ); // Function call to readonly. - } - return $errors; } From 8a455f048cbfbe5b2c0e417b3826e80de83af90b Mon Sep 17 00:00:00 2001 From: jrfnl Date: Sun, 28 May 2023 22:23:39 +0200 Subject: [PATCH 20/40] GH Actions/fixer conflict check: remove temporary exclusion Upstream PR squizlabs/PHP_CodeSniffer 3833 has now been merged, so the exclusion introduced in 2243 can be removed and the fixer conflict check passes again without issues. Fixes 2274 --- .github/workflows/basic-qa.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/basic-qa.yml b/.github/workflows/basic-qa.yml index c0fc7eeee2..09fb278012 100644 --- a/.github/workflows/basic-qa.yml +++ b/.github/workflows/basic-qa.yml @@ -151,15 +151,13 @@ jobs: # Test for fixer conflicts by running the auto-fixers of the complete WPCS over the test case files. # This is not an exhaustive test, but should give an early indication for typical fixer conflicts. # If only fixable errors are found, the exit code will be 1, which can be interpreted as success. - # - # Note: the ValidVariableNameUnitTest.inc file is temporarily ignored until upstream PHPCS PR 3833 has been merged. - name: Test for fixer conflicts (fixes expected) if: ${{ matrix.phpcs_version == 'dev-master' }} id: phpcbf continue-on-error: true run: | set +e - $(pwd)/vendor/bin/phpcbf -pq ./WordPress/Tests/ --standard=WordPress --extensions=inc --exclude=Generic.PHP.Syntax --report=summary --ignore=/WordPress/Tests/NamingConventions/ValidVariableNameUnitTest.inc,/WordPress/Tests/WP/GlobalVariablesOverrideUnitTest.7.inc + $(pwd)/vendor/bin/phpcbf -pq ./WordPress/Tests/ --standard=WordPress --extensions=inc --exclude=Generic.PHP.Syntax --report=summary --ignore=/WordPress/Tests/WP/GlobalVariablesOverrideUnitTest.7.inc exitcode="$?" echo "EXITCODE=$exitcode" >> $GITHUB_OUTPUT exit "$exitcode" From bb305f87685f918880240fafe5dbbcf401fb9fc9 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Fri, 8 Dec 2023 21:49:58 +0100 Subject: [PATCH 21/40] Tests: allow for PHPUnit 8/9 PHP_CodeSniffer 3.8.0 now allows for running the tests, which are based on the PHPCS native test suite, with PHPUnit 8 and 9. This commit updates the package to take advantage of that. Includes: * Widening the PHPUnit version requirements. * Adding the PHPUnit 8+ cache file to `.gitignore`. * Updating the PHPUnit configuration to make sure that deprecations will always show, even when on a high PHPUnit 9.6 version. * Updating the info in `CONTRIBUTING`. * Simplifications to the `quicktest` and `test` workflows. Also, the code coverage "high" run can now be run against PHP 8.3. * Running PHPStan against PHP `latest` (couldn't previously be done due to the old PHPUnit version). * Minor tweak to the PHPStan config to make sure PHP 8.x specific issues don't get flagged for this codebase. * Removing a no longer needed `--ignore-platform*` argument. * Updating the "setUp" method in one test to call the parent "setUp" method via the new method name. Ref: * PHPCSStandards/PHP_CodeSniffer 59 --- .github/CONTRIBUTING.md | 6 ++-- .github/workflows/basic-qa.yml | 5 ++-- .github/workflows/quicktest.yml | 27 +++++------------ .github/workflows/unit-tests.yml | 30 +++++-------------- .gitignore | 1 + .../Tests/DB/RestrictedClassesUnitTest.php | 2 +- composer.json | 2 +- phpstan.neon.dist | 2 +- phpunit.xml.dist | 4 +++ 9 files changed, 28 insertions(+), 51 deletions(-) diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index 2eb61e5b9c..b1ad07ef6d 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -42,7 +42,7 @@ When you introduce new `public` sniff properties, or your sniff extends a class * PHP_CodeSniffer 3.8.0 or higher * PHPCSUtils 1.0.9 or higher * PHPCSExtra 1.2.1 or higher -* PHPUnit 4.x, 5.x, 6.x or 7.x +* PHPUnit 4.x - 9.x The WordPress Coding Standards use the `PHP_CodeSniffer` native unit test framework for unit testing the sniffs. @@ -85,9 +85,9 @@ phpunit --filter WordPress /path/to/PHP_CodeSniffer/tests/AllTests.php Expected output: ``` -PHPUnit 7.5.20 by Sebastian Bergmann and contributors. +PHPUnit 9.6.15 by Sebastian Bergmann and contributors. -Runtime: PHP 7.4.33 +Runtime: PHP 8.3.0 Configuration: /WordPressCS/phpunit.xml.dist ......................................................... 57 / 57 (100%) diff --git a/.github/workflows/basic-qa.yml b/.github/workflows/basic-qa.yml index 09fb278012..ef45e215a7 100644 --- a/.github/workflows/basic-qa.yml +++ b/.github/workflows/basic-qa.yml @@ -127,8 +127,7 @@ jobs: custom-cache-suffix: $(date -u "+%Y-%m") - name: "Set PHPCS version (lowest)" - if: ${{ matrix.phpcs_version == 'lowest' }} - run: composer update squizlabs/php_codesniffer --prefer-lowest --ignore-platform-req=php+ --no-scripts --no-interaction + run: composer update squizlabs/php_codesniffer --prefer-lowest --no-scripts --no-interaction - name: Test the WordPress-Core ruleset run: $(pwd)/vendor/bin/phpcs -ps ./Tests/RulesetCheck/class-ruleset-test.inc --standard=WordPress-Core @@ -178,7 +177,7 @@ jobs: - name: Install PHP uses: shivammathur/setup-php@v2 with: - php-version: '7.4' + php-version: 'latest' coverage: none tools: phpstan diff --git a/.github/workflows/quicktest.yml b/.github/workflows/quicktest.yml index 182c24c1de..82b2a0cdaa 100644 --- a/.github/workflows/quicktest.yml +++ b/.github/workflows/quicktest.yml @@ -23,7 +23,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - php: [ '5.4', '7.4', 'latest' ] + php: [ '5.4', 'latest' ] phpcs_version: [ 'lowest', 'dev-master' ] name: QTest - PHP ${{ matrix.php }} on PHPCS ${{ matrix.phpcs_version }} @@ -54,20 +54,12 @@ jobs: if: ${{ matrix.phpcs_version != 'lowest' }} run: composer require squizlabs/php_codesniffer:"${{ matrix.phpcs_version }}" --no-update --no-scripts --no-interaction - - name: Install Composer dependencies (PHP < 8.0 ) - if: ${{ matrix.php < 8.0 && matrix.php != 'latest' }} + - name: Install Composer dependencies uses: ramsey/composer-install@v2 with: # Bust the cache at least once a month - output format: YYYY-MM. custom-cache-suffix: $(date -u "+%Y-%m") - - name: Install Composer dependencies (PHP >= 8.0) - if: ${{ matrix.php >= 8.0 || matrix.php == 'latest' }} - uses: ramsey/composer-install@v2 - with: - composer-options: --ignore-platform-req=php+ - custom-cache-suffix: $(date -u "+%Y-%m") - - name: "Set PHPCS version (lowest)" if: ${{ matrix.phpcs_version == 'lowest' }} run: composer update squizlabs/php_codesniffer --prefer-lowest --ignore-platform-req=php+ --no-scripts --no-interaction @@ -76,21 +68,16 @@ jobs: if: ${{ matrix.phpcs_version == 'dev-master' }} run: composer lint -- --checkstyle - - name: Run the unit tests without code coverage - PHP 5.4 - 8.0 - if: ${{ matrix.php == '5.4' && github.ref_name != 'develop' }} + - name: Run the unit tests without code coverage + if: ${{ github.ref_name != 'develop' }} run: composer run-tests - # Until PHPCS supports PHPUnit 9, we cannot run code coverage on PHP 8.0+, so run it on PHP 5.4 and 7.4. - - name: Run the unit tests with code coverage - PHP 5.4 - 8.0 - if: ${{ matrix.php != 'latest' && github.ref_name == 'develop' }} + - name: Run the unit tests with code coverage + if: ${{ github.ref_name == 'develop' }} run: composer coverage - - name: Run the unit tests without code coverage - PHP >= 8.1 - if: ${{ matrix.php == 'latest' }} - run: composer run-tests -- --no-configuration --bootstrap=./Tests/bootstrap.php --dont-report-useless-tests - - name: Send coverage report to Codecov - if: ${{ success() && github.ref_name == 'develop' && matrix.php != 'latest' }} + if: ${{ success() && github.ref_name == 'develop' }} uses: codecov/codecov-action@v3 with: files: ./build/logs/clover.xml diff --git a/.github/workflows/unit-tests.yml b/.github/workflows/unit-tests.yml index 3a4bde4397..fdd7760dd7 100644 --- a/.github/workflows/unit-tests.yml +++ b/.github/workflows/unit-tests.yml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - php: [ '5.5', '5.6', '7.0', '7.1', '7.2', '7.3', '8.0', '8.1', '8.2', '8.3', '8.4' ] + php: [ '5.5', '5.6', '7.0', '7.1', '7.2', '7.3', '7.4', '8.0', '8.1', '8.2', '8.4' ] phpcs_version: [ 'lowest', 'dev-master' ] extensions: [ '' ] coverage: [false] @@ -33,7 +33,6 @@ jobs: coverage: true # Make sure coverage is recorded for this too. # Run code coverage builds against high/low PHP and high/low PHPCS. - # Note: Until PHPCS supports PHPUnit 9, we cannot run code coverage on PHP 8.0+. - php: '5.4' phpcs_version: 'dev-master' extensions: '' @@ -42,11 +41,11 @@ jobs: phpcs_version: 'lowest' extensions: '' coverage: true - - php: '7.4' + - php: '8.3' phpcs_version: 'dev-master' extensions: '' coverage: true - - php: '7.4' + - php: '8.3' phpcs_version: 'lowest' extensions: '' coverage: true @@ -86,20 +85,12 @@ jobs: if: ${{ matrix.phpcs_version != 'lowest' }} run: composer require squizlabs/php_codesniffer:"${{ matrix.phpcs_version }}" --no-update --no-scripts --no-interaction - - name: Install Composer dependencies (PHP < 8.0 ) - if: ${{ matrix.php < 8.0 }} + - name: Install Composer dependencies uses: ramsey/composer-install@v2 with: # Bust the cache at least once a month - output format: YYYY-MM. custom-cache-suffix: $(date -u "+%Y-%m") - - name: Install Composer dependencies (PHP >= 8.0) - if: ${{ matrix.php >= 8.0 }} - uses: ramsey/composer-install@v2 - with: - composer-options: --ignore-platform-req=php+ - custom-cache-suffix: $(date -u "+%Y-%m") - - name: "Set PHPCS version (lowest)" if: ${{ matrix.phpcs_version == 'lowest' }} run: composer update squizlabs/php_codesniffer --prefer-lowest --ignore-platform-req=php+ --no-scripts --no-interaction @@ -108,19 +99,14 @@ jobs: if: ${{ matrix.phpcs_version == 'dev-master' }} run: composer lint -- --checkstyle | cs2pr - - name: Run the unit tests without code coverage - PHP 5.4 - 8.0 - if: ${{ matrix.php < '8.1' && matrix.coverage == false }} + - name: Run the unit tests without code coverage + if: ${{ matrix.coverage == false }} run: composer run-tests - - name: Run the unit tests with code coverage - PHP 5.4 - 8.0 - if: ${{ matrix.php < '8.1' && matrix.coverage == true }} + - name: Run the unit tests with code coverage + if: ${{ matrix.coverage == true }} run: composer coverage - # Until PHPCS supports PHPUnit 9, we cannot run code coverage on PHP 8.0+. - - name: Run the unit tests without code coverage - PHP >= 8.1 - if: ${{ matrix.php >= '8.1' && matrix.coverage == false }} - run: composer run-tests -- --no-configuration --bootstrap=./Tests/bootstrap.php --dont-report-useless-tests - - name: Send coverage report to Codecov if: ${{ success() && matrix.coverage == true }} uses: codecov/codecov-action@v3 diff --git a/.gitignore b/.gitignore index f4a8c2e298..7b65ab0e69 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,4 @@ phpunit.xml phpcs.xml .phpcs.xml phpstan.neon +.phpunit.result.cache diff --git a/WordPress/Tests/DB/RestrictedClassesUnitTest.php b/WordPress/Tests/DB/RestrictedClassesUnitTest.php index 91fb95574d..512bb87db1 100644 --- a/WordPress/Tests/DB/RestrictedClassesUnitTest.php +++ b/WordPress/Tests/DB/RestrictedClassesUnitTest.php @@ -37,7 +37,7 @@ final class RestrictedClassesUnitTest extends AbstractSniffUnitTest { * @return void */ protected function enhanceGroups() { - parent::setUp(); + parent::setUpPrerequisites(); AbstractFunctionRestrictionsSniff::$unittest_groups = array( 'test' => array( diff --git a/composer.json b/composer.json index ef3e469b59..f54f513325 100644 --- a/composer.json +++ b/composer.json @@ -27,7 +27,7 @@ }, "require-dev": { "phpcompatibility/php-compatibility": "^9.0", - "phpunit/phpunit": "^4.0 || ^5.0 || ^6.0 || ^7.0", + "phpunit/phpunit": "^4.0 || ^5.0 || ^6.0 || ^7.0 || ^8.0 || ^9.0", "phpcsstandards/phpcsdevtools": "^1.2.0", "php-parallel-lint/php-parallel-lint": "^1.3.2", "php-parallel-lint/php-console-highlighter": "^1.0.0" diff --git a/phpstan.neon.dist b/phpstan.neon.dist index ae7cf53502..3a6b72bc14 100644 --- a/phpstan.neon.dist +++ b/phpstan.neon.dist @@ -1,5 +1,5 @@ parameters: - #phpVersion: 50400 # Needs to be 70100 or higher... sigh... + phpVersion: 70100 # Needs to be 70100 or higher... sigh... level: 5 paths: - WordPress diff --git a/phpunit.xml.dist b/phpunit.xml.dist index d041cb7d99..a5f12e7386 100644 --- a/phpunit.xml.dist +++ b/phpunit.xml.dist @@ -4,6 +4,10 @@ xsi:noNamespaceSchemaLocation="https://schema.phpunit.de/6.3/phpunit.xsd" backupGlobals="true" bootstrap="./Tests/bootstrap.php" + convertErrorsToExceptions="true" + convertWarningsToExceptions="true" + convertNoticesToExceptions="true" + convertDeprecationsToExceptions="true" beStrictAboutTestsThatDoNotTestAnything="false" colors="true" forceCoversAnnotation="true"> From 627a5d3285ddf285577b15686c0f9d0f2b6473a5 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 12 Dec 2023 00:18:42 +0100 Subject: [PATCH 22/40] Core: remove an exclusion Turns out the exclusion is a little too aggresive. The `Generic.WhiteSpace.LanguageConstructSpacing` _will_ throw an error when there is too much whitespace, but not when there is no whitespace and the next thing is an open parenthesis. By removing the exclusion, an error will now (correctly) be thrown when there is no whitespace between a closure `use` keyword and the open parenthesis. It also means that where there is _too much_ whitespace between the keyword and the open parenthesis, two errors will be thrown, one from the `Generic.WhiteSpace.LanguageConstructSpacing` sniff and one from the `Squiz.Functions.MultiLineFunctionDeclaration` sniff. Well, so be it. As both sniffs expect the same thing, this shouldn't lead to fixer conflicts anyhow. See https://github.com/WordPress/WordPress-Coding-Standards/issues/764#issuecomment-1851046232 --- WordPress-Core/ruleset.xml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/WordPress-Core/ruleset.xml b/WordPress-Core/ruleset.xml index 8671caef58..12c928bf4b 100644 --- a/WordPress-Core/ruleset.xml +++ b/WordPress-Core/ruleset.xml @@ -218,10 +218,6 @@ 0 - - - 0 - From 01c27cbe376783d851025fb87e55c7bbeb035b5f Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 12 Dec 2023 14:41:30 +0100 Subject: [PATCH 23/40] GH Actions: test against different versions of all CS dependencies As things were, when testing against "dev" versions, only PHPCS "dev" was used, while WPCS now has more dependencies, i.e. PHPCSUtils and PHPCSExtra. This commit updates the workflows to take that into account better. It also improves the readability of the workflows by using multi-line command in a few places. Notes: * This renames the `phpcs_version` matrix variable to `dependencies` in all workflows to make it clear this is not just about PHPCS itself, but about all dependencies. * The CS check for the own codebase is always run against "dev" versions of all dependencies as an early detection system for upstream issues. * The "Ruleset" checks are run against low/stable/dev. * The fixer conflict check is run against dev only, as conflicts detected cannot be fixed anymore in already released versions. * The "quick check" now only runs against low/stable. * The "test" run run against both low/stable by default and now has some extra builds against "dev" versions. - These extra builds could be set to "continue on error", but I've chosen not to do so as if any issues are detected, they should be fixed asap as they will impact WPCS sooner rather than later. - Code coverage will now be run against low/high PHP with low/stable dependencies and no longer against dev. * Also note that, while the "quick test"/"test" runs shouldn't need PHPCSExtra, as that is a dependency used only in the ruleset, not in our sniff code, I've still included PHPCSExtra in the upgrade/downgrade block for consistency. These changes do mean that the "required build"/branch protection will need to be updated (again) before the PR can be merged. I will do so once the PR has been approved. --- .github/workflows/basic-qa.yml | 43 ++++++++++++++------ .github/workflows/quicktest.yml | 35 +++++++---------- .github/workflows/unit-tests.yml | 67 +++++++++++++++++++++++--------- 3 files changed, 93 insertions(+), 52 deletions(-) diff --git a/.github/workflows/basic-qa.yml b/.github/workflows/basic-qa.yml index ef45e215a7..9d20cb4118 100644 --- a/.github/workflows/basic-qa.yml +++ b/.github/workflows/basic-qa.yml @@ -12,6 +12,11 @@ concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true +env: + PHPCS_DEV: 'dev-master' + UTILS_DEV: 'dev-develop' + EXTRA_DEV: 'dev-develop' + jobs: # Check code style of sniffs, rulesets and XML documentation. # Check that all sniffs are feature complete. @@ -37,9 +42,13 @@ jobs: - name: Validate the composer.json file run: composer validate --no-check-all --strict - # Using PHPCS `master` as an early detection system for bugs upstream. - - name: Set PHPCS version - run: composer require squizlabs/php_codesniffer:"dev-master" --no-update --no-scripts --no-interaction + # Using dev versions of the dependencies as an early detection system for bugs upstream. + - name: "Composer: set PHPCS dependencies (dev)" + run: > + composer require --no-update --no-scripts --no-interaction + squizlabs/php_codesniffer:"${{ env.PHPCS_DEV }}" + phpcsstandards/phpcsutils:"${{ env.UTILS_DEV }}" + phpcsstandards/phpcsextra:"${{ env.EXTRA_DEV }}" - name: Install Composer dependencies uses: ramsey/composer-install@v2 @@ -93,15 +102,15 @@ jobs: # Makes sure the rulesets don't throw unexpected errors or warnings. # This workflow needs to be run against a high PHP version to prevent triggering the syntax error check. - # It also needs to be run against all PHPCS versions WPCS is tested against. + # It also needs to be run against all dependency versions WPCS is tested against. ruleset-tests: runs-on: ubuntu-latest strategy: matrix: php: [ 'latest' ] - phpcs_version: [ 'lowest', 'dev-master' ] + dependencies: [ 'lowest', 'stable', 'dev' ] - name: "Ruleset test: PHP ${{ matrix.php }} on PHPCS ${{ matrix.phpcs_version }}" + name: "Ruleset test: PHP ${{ matrix.php }} on PHPCS ${{ matrix.dependencies }}" steps: - name: Checkout repository @@ -115,9 +124,13 @@ jobs: ini-values: error_reporting = E_ALL & ~E_DEPRECATED coverage: none - - name: "Set PHPCS version (master)" - if: ${{ matrix.phpcs_version != 'lowest' }} - run: composer require squizlabs/php_codesniffer:"${{ matrix.phpcs_version }}" --no-update --no-scripts --no-interaction + - name: "Composer: set PHPCS dependencies for tests (dev)" + if: ${{ matrix.dependencies == 'dev' }} + run: > + composer require --no-update --no-scripts --no-interaction + squizlabs/php_codesniffer:"${{ env.PHPCS_DEV }}" + phpcsstandards/phpcsutils:"${{ env.UTILS_DEV }}" + phpcsstandards/phpcsextra:"${{ env.EXTRA_DEV }}" - name: Install Composer dependencies uses: ramsey/composer-install@v2 @@ -126,8 +139,13 @@ jobs: # Bust the cache at least once a month - output format: YYYY-MM. custom-cache-suffix: $(date -u "+%Y-%m") - - name: "Set PHPCS version (lowest)" - run: composer update squizlabs/php_codesniffer --prefer-lowest --no-scripts --no-interaction + - name: "Composer: downgrade PHPCS dependencies for tests (lowest)" + if: ${{ matrix.dependencies == 'lowest' }} + run: > + composer update --prefer-lowest --no-scripts --no-interaction + squizlabs/php_codesniffer + phpcsstandards/phpcsutils + phpcsstandards/phpcsextra - name: Test the WordPress-Core ruleset run: $(pwd)/vendor/bin/phpcs -ps ./Tests/RulesetCheck/class-ruleset-test.inc --standard=WordPress-Core @@ -150,8 +168,9 @@ jobs: # Test for fixer conflicts by running the auto-fixers of the complete WPCS over the test case files. # This is not an exhaustive test, but should give an early indication for typical fixer conflicts. # If only fixable errors are found, the exit code will be 1, which can be interpreted as success. + # This check is only run against "dev" as conflicts can not be fixed for already released versions. - name: Test for fixer conflicts (fixes expected) - if: ${{ matrix.phpcs_version == 'dev-master' }} + if: ${{ matrix.dependencies == 'dev' }} id: phpcbf continue-on-error: true run: | diff --git a/.github/workflows/quicktest.yml b/.github/workflows/quicktest.yml index 82b2a0cdaa..547b0518d6 100644 --- a/.github/workflows/quicktest.yml +++ b/.github/workflows/quicktest.yml @@ -24,48 +24,39 @@ jobs: strategy: matrix: php: [ '5.4', 'latest' ] - phpcs_version: [ 'lowest', 'dev-master' ] + dependencies: [ 'lowest', 'stable' ] - name: QTest - PHP ${{ matrix.php }} on PHPCS ${{ matrix.phpcs_version }} + name: QTest - PHP ${{ matrix.php }} on PHPCS ${{ matrix.dependencies }} steps: - name: Checkout repository uses: actions/checkout@v4 - # On stable PHPCS versions, allow for PHP deprecation notices. - # Unit tests don't need to fail on those for stable releases where those issues won't get fixed anymore. - - name: Setup ini config - id: set_ini - run: | - if [ "${{ matrix.phpcs_version }}" != "dev-master" ]; then - echo 'PHP_INI=error_reporting=E_ALL & ~E_DEPRECATED, display_errors=On' >> $GITHUB_OUTPUT - else - echo 'PHP_INI=error_reporting=-1, display_errors=On' >> $GITHUB_OUTPUT - fi - - name: Set up PHP uses: shivammathur/setup-php@v2 with: php-version: ${{ matrix.php }} - ini-values: ${{ steps.set_ini.outputs.PHP_INI }} + # With stable PHPCS dependencies, allow for PHP deprecation notices. + # Unit tests don't need to fail on those for stable releases where those issues won't get fixed anymore. + ini-values: error_reporting=-1, display_errors=On coverage: ${{ github.ref_name == 'develop' && 'xdebug' || 'none' }} - - name: "Set PHPCS version (master)" - if: ${{ matrix.phpcs_version != 'lowest' }} - run: composer require squizlabs/php_codesniffer:"${{ matrix.phpcs_version }}" --no-update --no-scripts --no-interaction - - name: Install Composer dependencies uses: ramsey/composer-install@v2 with: # Bust the cache at least once a month - output format: YYYY-MM. custom-cache-suffix: $(date -u "+%Y-%m") - - name: "Set PHPCS version (lowest)" - if: ${{ matrix.phpcs_version == 'lowest' }} - run: composer update squizlabs/php_codesniffer --prefer-lowest --ignore-platform-req=php+ --no-scripts --no-interaction + - name: "Composer: downgrade PHPCS dependencies for tests (lowest)" + if: ${{ matrix.dependencies == 'lowest' }} + run: > + composer update --prefer-lowest --no-scripts --no-interaction + squizlabs/php_codesniffer + phpcsstandards/phpcsutils + phpcsstandards/phpcsextra - name: Lint PHP files against parse errors - if: ${{ matrix.phpcs_version == 'dev-master' }} + if: ${{ matrix.dependencies == 'stable' }} run: composer lint -- --checkstyle - name: Run the unit tests without code coverage diff --git a/.github/workflows/unit-tests.yml b/.github/workflows/unit-tests.yml index fdd7760dd7..3d7bfd6dd1 100644 --- a/.github/workflows/unit-tests.yml +++ b/.github/workflows/unit-tests.yml @@ -14,47 +14,70 @@ concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true +env: + PHPCS_DEV: 'dev-master' + UTILS_DEV: 'dev-develop' + EXTRA_DEV: 'dev-develop' + jobs: # Runs the test suite against all supported branches and combinations. - # Linting is performed on all jobs run against PHPCS `dev-master`. + # Linting is performed on all jobs run with dependencies `stable`. test: runs-on: ubuntu-latest strategy: matrix: php: [ '5.5', '5.6', '7.0', '7.1', '7.2', '7.3', '7.4', '8.0', '8.1', '8.2', '8.4' ] - phpcs_version: [ 'lowest', 'dev-master' ] + dependencies: [ 'lowest', 'stable' ] extensions: [ '' ] coverage: [false] include: - php: '7.4' - phpcs_version: 'dev-master' + dependencies: 'stable' extensions: ':mbstring' # = Disable Mbstring. coverage: true # Make sure coverage is recorded for this too. # Run code coverage builds against high/low PHP and high/low PHPCS. - php: '5.4' - phpcs_version: 'dev-master' + dependencies: 'stable' extensions: '' coverage: true - php: '5.4' - phpcs_version: 'lowest' + dependencies: 'lowest' extensions: '' coverage: true - php: '8.3' - phpcs_version: 'dev-master' + dependencies: 'stable' extensions: '' coverage: true - php: '8.3' - phpcs_version: 'lowest' + dependencies: 'lowest' extensions: '' coverage: true + # Test against dev versions of all dependencies with select PHP versions for early detection of issues. + - php: '5.4' + dependencies: 'dev' + extensions: '' + coverage: false + - php: '7.0' + dependencies: 'dev' + extensions: '' + coverage: false + - php: '7.4' + dependencies: 'dev' + extensions: '' + coverage: false + - php: '8.3' + dependencies: 'dev' + extensions: '' + coverage: false + # Add extra build to test against PHPCS 4. #- php: '7.4' - # phpcs_version: '4.0.x-dev as 3.9.99' + # dependencies: '4.0.x-dev as 3.9.99' - name: PHP ${{ matrix.php }} on PHPCS ${{ matrix.phpcs_version }} + name: PHP ${{ matrix.php }} on PHPCS ${{ matrix.dependencies }} continue-on-error: ${{ matrix.php == '8.4' }} @@ -62,12 +85,12 @@ jobs: - name: Checkout repository uses: actions/checkout@v4 - # On stable PHPCS versions, allow for PHP deprecation notices. + # With stable PHPCS dependencies, allow for PHP deprecation notices. # Unit tests don't need to fail on those for stable releases where those issues won't get fixed anymore. - name: Setup ini config id: set_ini run: | - if [ "${{ matrix.phpcs_version }}" != "dev-master" ]; then + if [ "${{ matrix.dependencies }}" != "dev" ]; then echo 'PHP_INI=error_reporting=E_ALL & ~E_DEPRECATED, display_errors=On' >> $GITHUB_OUTPUT else echo 'PHP_INI=error_reporting=-1, display_errors=On' >> $GITHUB_OUTPUT @@ -81,9 +104,13 @@ jobs: coverage: ${{ matrix.coverage && 'xdebug' || 'none' }} tools: cs2pr - - name: "Set PHPCS version (master)" - if: ${{ matrix.phpcs_version != 'lowest' }} - run: composer require squizlabs/php_codesniffer:"${{ matrix.phpcs_version }}" --no-update --no-scripts --no-interaction + - name: "Composer: set PHPCS dependencies for tests (dev)" + if: ${{ matrix.dependencies == 'dev' }} + run: > + composer require --no-update --no-scripts --no-interaction + squizlabs/php_codesniffer:"${{ env.PHPCS_DEV }}" + phpcsstandards/phpcsutils:"${{ env.UTILS_DEV }}" + phpcsstandards/phpcsextra:"${{ env.EXTRA_DEV }}" - name: Install Composer dependencies uses: ramsey/composer-install@v2 @@ -91,12 +118,16 @@ jobs: # Bust the cache at least once a month - output format: YYYY-MM. custom-cache-suffix: $(date -u "+%Y-%m") - - name: "Set PHPCS version (lowest)" - if: ${{ matrix.phpcs_version == 'lowest' }} - run: composer update squizlabs/php_codesniffer --prefer-lowest --ignore-platform-req=php+ --no-scripts --no-interaction + - name: "Composer: downgrade PHPCS dependencies for tests (lowest)" + if: ${{ ! startsWith( matrix.php, '8' ) && matrix.dependencies == 'lowest' }} + run: > + composer update --prefer-lowest --no-scripts --no-interaction + squizlabs/php_codesniffer + phpcsstandards/phpcsutils + phpcsstandards/phpcsextra - name: Lint PHP files against parse errors - if: ${{ matrix.phpcs_version == 'dev-master' }} + if: ${{ matrix.dependencies == 'stable' }} run: composer lint -- --checkstyle | cs2pr - name: Run the unit tests without code coverage From ec26b0e72dfedd1ba3e79b8d00066d0b93161a02 Mon Sep 17 00:00:00 2001 From: Gary Jones Date: Wed, 3 Jan 2024 11:26:49 +0000 Subject: [PATCH 24/40] EscapeOutput: Fix typos in code comments No change to functionality. --- WordPress/Sniffs/Security/EscapeOutputSniff.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/WordPress/Sniffs/Security/EscapeOutputSniff.php b/WordPress/Sniffs/Security/EscapeOutputSniff.php index 65ee5af3d2..92c1b2ef07 100644 --- a/WordPress/Sniffs/Security/EscapeOutputSniff.php +++ b/WordPress/Sniffs/Security/EscapeOutputSniff.php @@ -141,7 +141,7 @@ public function register() { $this->safe_components += Tokens::$booleanOperators; $this->safe_components += Collections::incrementDecrementOperators(); - // Set up the tokens the sniff should listen too. + // Set up the tokens the sniff should listen to. $targets = array_merge( parent::register(), $this->target_keywords ); $targets[] = \T_ECHO; $targets[] = \T_OPEN_TAG_WITH_ECHO; @@ -157,7 +157,7 @@ public function register() { * @return array */ public function getGroups() { - // Make sure all array keys are lowercase (could contain user provided function names). + // Make sure all array keys are lowercase (could contain user-provided function names). $printing_functions = array_change_key_case( $this->get_printing_functions(), \CASE_LOWER ); // Remove the unsafe printing functions to prevent duplicate notices. @@ -237,7 +237,7 @@ public function process_token( $stackPtr ) { if ( \T_OPEN_PARENTHESIS !== $this->tokens[ $next_relevant ]['code'] || isset( $this->tokens[ $next_relevant ]['parenthesis_closer'] ) === false ) { - // Live codind/parse error or a pre-created exception. Nothing to do for us. + // Live coding/parse error or a pre-created exception. Nothing to do for us. return; } @@ -470,7 +470,7 @@ protected function check_code_is_escaped( $start, $end, $code = 'OutputNotEscape && $this->tokens[ $next_non_empty ]['parenthesis_closer'] !== $last_non_empty ) ) { - // If there is a (long) ternary skip over the part before the ?. + // If there is a (long) ternary, skip over the part before the ?. $ternary = $this->find_long_ternary( $start, $end ); if ( false !== $ternary ) { $start = ( $ternary + 1 ); @@ -503,7 +503,7 @@ protected function check_code_is_escaped( $start, $end, $code = 'OutputNotEscape } if ( $in_cast ) { - // Skip to the end of a function call if it has been casted to a safe value. + // Skip to the end of a function call if it has been cast to a safe value. $i = $this->tokens[ $i ]['parenthesis_closer']; $in_cast = false; @@ -625,7 +625,7 @@ protected function check_code_is_escaped( $start, $end, $code = 'OutputNotEscape if ( isset( ContextHelper::get_safe_cast_tokens()[ $this->tokens[ $i ]['code'] ] ) ) { /* * If the next thing is a match expression, skip over it as whatever is - * being returned will be safe casted. + * being returned will be safely cast. * Do not set `$in_cast` to `true`. */ $next_non_empty = $this->phpcsFile->findNext( Tokens::$emptyTokens, ( $i + 1 ), $end, true ); @@ -660,7 +660,7 @@ protected function check_code_is_escaped( $start, $end, $code = 'OutputNotEscape continue; } - // Now check that next token is a function call. + // Now check that the next token is a function call. if ( \T_STRING === $this->tokens[ $i ]['code'] ) { $ptr = $i; $functionName = $this->tokens[ $i ]['content']; @@ -893,7 +893,7 @@ private function walk_match_expression( $stackPtr, $code ) { // Now check that the value returned by this match "leaf" is correctly escaped. $this->check_code_is_escaped( $item_start, $item_end, $code ); - // Independently of whether or not the check was succesfull or ran into (parse error) problems, + // Independently of whether or not the check was successful or ran into (parse error) problems, // always skip to the identified end of the item. $current = $item_end; } while ( $current < $end ); From b74817f29edeb283005fa48a6b5f5638fd0ed5e1 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Sun, 11 Feb 2024 02:27:51 +0100 Subject: [PATCH 25/40] GH Actions: minor tweaks * Remove `--checkstyle` for a lint job which doesn't display with `cs2pr`. * Remove a stray condition. --- .github/workflows/quicktest.yml | 2 +- .github/workflows/unit-tests.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/quicktest.yml b/.github/workflows/quicktest.yml index 547b0518d6..b1aff3188a 100644 --- a/.github/workflows/quicktest.yml +++ b/.github/workflows/quicktest.yml @@ -57,7 +57,7 @@ jobs: - name: Lint PHP files against parse errors if: ${{ matrix.dependencies == 'stable' }} - run: composer lint -- --checkstyle + run: composer lint - name: Run the unit tests without code coverage if: ${{ github.ref_name != 'develop' }} diff --git a/.github/workflows/unit-tests.yml b/.github/workflows/unit-tests.yml index 3d7bfd6dd1..c427e16ff4 100644 --- a/.github/workflows/unit-tests.yml +++ b/.github/workflows/unit-tests.yml @@ -119,7 +119,7 @@ jobs: custom-cache-suffix: $(date -u "+%Y-%m") - name: "Composer: downgrade PHPCS dependencies for tests (lowest)" - if: ${{ ! startsWith( matrix.php, '8' ) && matrix.dependencies == 'lowest' }} + if: ${{ matrix.dependencies == 'lowest' }} run: > composer update --prefer-lowest --no-scripts --no-interaction squizlabs/php_codesniffer From cdda1f2315b3b2299836a599b5ce9f9eaed576d7 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Fri, 16 Feb 2024 05:07:23 +0100 Subject: [PATCH 26/40] GH Actions: move code coverage build without MbString to PHP 7.2 PHP 7.2 should be using PHPUnit 8, which doesn't use PHP Parser, so _fingers crossed_, this should solve the build failure. --- .github/workflows/unit-tests.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/unit-tests.yml b/.github/workflows/unit-tests.yml index c427e16ff4..170c2a934c 100644 --- a/.github/workflows/unit-tests.yml +++ b/.github/workflows/unit-tests.yml @@ -32,7 +32,7 @@ jobs: coverage: [false] include: - - php: '7.4' + - php: '7.2' dependencies: 'stable' extensions: ':mbstring' # = Disable Mbstring. coverage: true # Make sure coverage is recorded for this too. From 1ea048be6776f5698c2031291da1942905702fbd Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 4 Mar 2024 09:20:39 +0000 Subject: [PATCH 27/40] GH Actions: Bump ramsey/composer-install from 2 to 3 Bumps [ramsey/composer-install](https://github.com/ramsey/composer-install) from 2 to 3. - [Release notes](https://github.com/ramsey/composer-install/releases) - [Commits](https://github.com/ramsey/composer-install/compare/v2...v3) --- updated-dependencies: - dependency-name: ramsey/composer-install dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/basic-qa.yml | 6 +++--- .github/workflows/quicktest.yml | 2 +- .github/workflows/unit-tests.yml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/basic-qa.yml b/.github/workflows/basic-qa.yml index 9d20cb4118..91dc15fbee 100644 --- a/.github/workflows/basic-qa.yml +++ b/.github/workflows/basic-qa.yml @@ -51,7 +51,7 @@ jobs: phpcsstandards/phpcsextra:"${{ env.EXTRA_DEV }}" - name: Install Composer dependencies - uses: ramsey/composer-install@v2 + uses: ramsey/composer-install@v3 with: # Bust the cache at least once a month - output format: YYYY-MM. custom-cache-suffix: $(date -u "+%Y-%m") @@ -133,7 +133,7 @@ jobs: phpcsstandards/phpcsextra:"${{ env.EXTRA_DEV }}" - name: Install Composer dependencies - uses: ramsey/composer-install@v2 + uses: ramsey/composer-install@v3 with: composer-options: --no-dev # Bust the cache at least once a month - output format: YYYY-MM. @@ -204,7 +204,7 @@ jobs: # Dependencies need to be installed to make sure the PHPCS and PHPUnit classes are recognized. # @link https://github.com/marketplace/actions/install-php-dependencies-with-composer - name: Install Composer dependencies - uses: "ramsey/composer-install@v2" + uses: "ramsey/composer-install@v3" with: # Bust the cache at least once a month - output format: YYYY-MM. custom-cache-suffix: $(date -u "+%Y-%m") diff --git a/.github/workflows/quicktest.yml b/.github/workflows/quicktest.yml index b1aff3188a..41bc3fdef5 100644 --- a/.github/workflows/quicktest.yml +++ b/.github/workflows/quicktest.yml @@ -42,7 +42,7 @@ jobs: coverage: ${{ github.ref_name == 'develop' && 'xdebug' || 'none' }} - name: Install Composer dependencies - uses: ramsey/composer-install@v2 + uses: ramsey/composer-install@v3 with: # Bust the cache at least once a month - output format: YYYY-MM. custom-cache-suffix: $(date -u "+%Y-%m") diff --git a/.github/workflows/unit-tests.yml b/.github/workflows/unit-tests.yml index 170c2a934c..ec18ae54e5 100644 --- a/.github/workflows/unit-tests.yml +++ b/.github/workflows/unit-tests.yml @@ -113,7 +113,7 @@ jobs: phpcsstandards/phpcsextra:"${{ env.EXTRA_DEV }}" - name: Install Composer dependencies - uses: ramsey/composer-install@v2 + uses: ramsey/composer-install@v3 with: # Bust the cache at least once a month - output format: YYYY-MM. custom-cache-suffix: $(date -u "+%Y-%m") From 9d29ddce34c0dc034d12073488b640243e07bd6a Mon Sep 17 00:00:00 2001 From: jrfnl Date: Fri, 16 Feb 2024 14:30:09 +0100 Subject: [PATCH 28/40] Composer: raise the minimum supported PHPCS version to 3.9.0 --- .github/CONTRIBUTING.md | 2 +- composer.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index 06f9b9065e..4904cd9e7e 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -39,7 +39,7 @@ When you introduce new `public` sniff properties, or your sniff extends a class ## Pre-requisites * WordPress-Coding-Standards -* PHP_CodeSniffer 3.8.0 or higher +* PHP_CodeSniffer 3.9.0 or higher * PHPCSUtils 1.0.9 or higher * PHPCSExtra 1.2.1 or higher * PHPUnit 4.x - 9.x diff --git a/composer.json b/composer.json index f54f513325..2a41cd4c51 100644 --- a/composer.json +++ b/composer.json @@ -21,7 +21,7 @@ "ext-libxml": "*", "ext-tokenizer": "*", "ext-xmlreader": "*", - "squizlabs/php_codesniffer": "^3.8.0", + "squizlabs/php_codesniffer": "^3.9.0", "phpcsstandards/phpcsutils": "^1.0.9", "phpcsstandards/phpcsextra": "^1.2.1" }, From 92751a146a1bf179441618ebff198d2eb6b2aa22 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Fri, 16 Feb 2024 14:35:21 +0100 Subject: [PATCH 29/40] Extra: do not allow ambiguous conditions This new PHPCS 3.9.0 sniff will flag code which contains a `||` and a `&&` operator in the same condition and their precedence is not clarified via parenthesis. This should allow for users of WPCS to find/prevent some bugs in code. I'd personally would **_highly_** recommend for WP Core to also use this sniff, but I suspect that will need due discussion/Make post/handbook change. Note: running this sniff on WP Core as-is, would (to my surprise) not actually trigger any new errors. Includes updating a code snippet in the Ruleset test to comply. --- Tests/RulesetCheck/class-ruleset-test.inc | 2 +- WordPress-Extra/ruleset.xml | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/Tests/RulesetCheck/class-ruleset-test.inc b/Tests/RulesetCheck/class-ruleset-test.inc index b674946ded..e45a2bc7d6 100644 --- a/Tests/RulesetCheck/class-ruleset-test.inc +++ b/Tests/RulesetCheck/class-ruleset-test.inc @@ -64,7 +64,7 @@ class Ruleset_Test { if ( preg_match( '`' . preg_quote( $param_a, '`' ) . '`i', $param_b ) === 1 ) { echo esc_html( "doublequoted $string" ); } elseif ( $this->a ) { - $ab = $a % $b + $c / $d && $param_a || $param_b >> $bitshift; + $ab = $a % $b + $c / $d && ( $param_a || $param_b >> $bitshift ); } }; diff --git a/WordPress-Extra/ruleset.xml b/WordPress-Extra/ruleset.xml index 8b065c7a1f..ab0e8db3b7 100644 --- a/WordPress-Extra/ruleset.xml +++ b/WordPress-Extra/ruleset.xml @@ -41,6 +41,10 @@ https://github.com/WordPress/WordPress-Coding-Standards/pull/809 --> + + + From 95904f3fb0d95bcced99005949eebad71bf40a10 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 5 Mar 2024 09:23:30 +0100 Subject: [PATCH 30/40] WhiteSpace/OperatorSpacing: add extra test Upstream a PR is open - and will be merged soon - to change the protection against the `Squiz` sniff, which this sniff extends, handling operators found in `declare()` statements. In particular, the PR is about how the sniff handles parse errors/live coding for declare statements. As the WPCS sniff calls the parent `register()` method and falls through to the parent `process()` method, the WPCS sniff should automatically get that extra protection too. This commit just adds an extra test to the `WordPress.WhiteSpace.OperatorSpacing` to safeguard things. --- WordPress/Tests/WhiteSpace/OperatorSpacingUnitTest.inc | 4 ++++ WordPress/Tests/WhiteSpace/OperatorSpacingUnitTest.inc.fixed | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/WordPress/Tests/WhiteSpace/OperatorSpacingUnitTest.inc b/WordPress/Tests/WhiteSpace/OperatorSpacingUnitTest.inc index e58abf8cd0..eed51cbd42 100644 --- a/WordPress/Tests/WhiteSpace/OperatorSpacingUnitTest.inc +++ b/WordPress/Tests/WhiteSpace/OperatorSpacingUnitTest.inc @@ -75,3 +75,7 @@ function fooBar( TypeA&namespace\TypeB $param ) : \TypeC&Partially\Qualified {} class Foo { public readonly int|string $prop; } + +// Safeguard that declare statements are ignored. +// Ref: https://github.com/PHPCSStandards/PHP_CodeSniffer/pull/289 +declare(ticks=1); diff --git a/WordPress/Tests/WhiteSpace/OperatorSpacingUnitTest.inc.fixed b/WordPress/Tests/WhiteSpace/OperatorSpacingUnitTest.inc.fixed index 43ab5ae914..ef8fa828b2 100644 --- a/WordPress/Tests/WhiteSpace/OperatorSpacingUnitTest.inc.fixed +++ b/WordPress/Tests/WhiteSpace/OperatorSpacingUnitTest.inc.fixed @@ -75,3 +75,7 @@ function fooBar( TypeA&namespace\TypeB $param ) : \TypeC&Partially\Qualified {} class Foo { public readonly int|string $prop; } + +// Safeguard that declare statements are ignored. +// Ref: https://github.com/PHPCSStandards/PHP_CodeSniffer/pull/289 +declare(ticks=1); From 1a3c8e579631e294bbe33c1e081e9ed36d2b988c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 18 Mar 2024 09:05:04 +0000 Subject: [PATCH 31/40] GH Actions: Bump mondeja/remove-labels-gh-action from 1 to 2 Bumps [mondeja/remove-labels-gh-action](https://github.com/mondeja/remove-labels-gh-action) from 1 to 2. - [Release notes](https://github.com/mondeja/remove-labels-gh-action/releases) - [Commits](https://github.com/mondeja/remove-labels-gh-action/compare/v1...v2) --- updated-dependencies: - dependency-name: mondeja/remove-labels-gh-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/manage-labels.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/manage-labels.yml b/.github/workflows/manage-labels.yml index 6d27b145c1..56de1c5ac0 100644 --- a/.github/workflows/manage-labels.yml +++ b/.github/workflows/manage-labels.yml @@ -17,7 +17,7 @@ jobs: name: Clean up labels on PR merge steps: - - uses: mondeja/remove-labels-gh-action@v1 + - uses: mondeja/remove-labels-gh-action@v2 with: token: ${{ secrets.GITHUB_TOKEN }} labels: | @@ -31,7 +31,7 @@ jobs: name: Clean up labels on PR close steps: - - uses: mondeja/remove-labels-gh-action@v1 + - uses: mondeja/remove-labels-gh-action@v2 with: token: ${{ secrets.GITHUB_TOKEN }} labels: | @@ -46,7 +46,7 @@ jobs: name: Clean up labels on issue close steps: - - uses: mondeja/remove-labels-gh-action@v1 + - uses: mondeja/remove-labels-gh-action@v2 with: token: ${{ secrets.GITHUB_TOKEN }} labels: | From a87abeb57e335f11b2417c6b68f0a1da6336e0f8 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Mon, 18 Mar 2024 17:38:24 +0100 Subject: [PATCH 32/40] PHPStan config: update for release of PHPCSUtils 1.0.10 PHPCSUtils 1.0.10 has been released, which fixes two false positives, meaning these ignore annotations can now be removed (as per the inline comments). Ref: https://github.com/PHPCSStandards/PHPCSUtils/releases/tag/1.0.10 --- phpstan.neon.dist | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/phpstan.neon.dist b/phpstan.neon.dist index 3a6b72bc14..e9edfc43bc 100644 --- a/phpstan.neon.dist +++ b/phpstan.neon.dist @@ -11,12 +11,6 @@ parameters: # Level 0 - '#^Result of method \S+ \(void\) is used\.$#' - - - # False positive. Will be fixed via next version of PHPCSUtils. - count: 1 - message: "#^Cannot unset offset 'query' on non-empty-array>.$#" - path: WordPress/Sniffs/DB/PreparedSQLPlaceholdersSniff.php - # Level 4 - '#^Property \S+::\$\S+ \([^)]+\) in isset\(\) is not nullable\.$#' - @@ -28,11 +22,5 @@ parameters: message: '#^Strict comparison using === between true and false will always evaluate to false\.$#' path: WordPress/Sniffs/Utils/I18nTextDomainFixerSniff.php - - - # False positive. Will be fixed via next version of PHPCSUtils. - count: 1 - message: "#^Cannot unset offset 'file' on array>.$#" - path: WordPress/Sniffs/Security/EscapeOutputSniff.php - # Level 5 - '#^Parameter \#3 \$value of method \S+File::recordMetric\(\) expects string, \(?(float|int|bool)(\|(float|int|bool))*\)? given\.$#' From ca426e783244316bf83c8e1f6b9239a7222b6e0a Mon Sep 17 00:00:00 2001 From: jrfnl Date: Thu, 21 Mar 2024 05:01:56 +0100 Subject: [PATCH 33/40] NamingConventions/PrefixAllGlobals: update the functions list based on WP 6.5-RC3 Based on a scan of WP Core at commit https://github.com/WordPress/wordpress-develop/commit/359570422bf8ad97263d903c2fb7235924c8dce0 using a preliminary sniff created for issue 1803. --- .../NamingConventions/PrefixAllGlobalsSniff.php | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/WordPress/Sniffs/NamingConventions/PrefixAllGlobalsSniff.php b/WordPress/Sniffs/NamingConventions/PrefixAllGlobalsSniff.php index b04a652f89..dd3aec69fe 100644 --- a/WordPress/Sniffs/NamingConventions/PrefixAllGlobalsSniff.php +++ b/WordPress/Sniffs/NamingConventions/PrefixAllGlobalsSniff.php @@ -147,7 +147,7 @@ final class PrefixAllGlobalsSniff extends AbstractFunctionParameterSniff { * Only overrulable constants are listed, i.e. those defined within core within * a `if ( ! defined() ) {}` wrapper. * - * Last update: July 2023 for WP 6.3 at https://github.com/WordPress/wordpress-develop/commit/6281ce432c50345a57768bf53854d9b65b6cdd52 + * {@internal To be updated after every major release. Last updated for WordPress 6.5-RC3.} * * @since 1.0.0 * @since 3.0.0 Renamed from `$whitelisted_core_constants` to `$allowed_core_constants`. @@ -201,6 +201,8 @@ final class PrefixAllGlobalsSniff extends AbstractFunctionParameterSniff { * * Note: deprecated functions should still be included in this list as plugins may support older WP versions. * + * {@internal To be updated after every major release. Last updated for WordPress 6.5-RC3.} + * * @since 3.0.0. * * @var array Key is function name, value irrelevant. @@ -236,6 +238,7 @@ final class PrefixAllGlobalsSniff extends AbstractFunctionParameterSniff { 'twentyeleven_comment' => true, 'twentyeleven_content_nav' => true, 'twentyeleven_continue_reading_link' => true, + 'twentyeleven_header_image' => true, 'twentyeleven_header_style' => true, 'twentyeleven_posted_on' => true, 'twentyeleven_setup' => true, @@ -255,6 +258,7 @@ final class PrefixAllGlobalsSniff extends AbstractFunctionParameterSniff { 'twentyfourteen_admin_header_style' => true, 'twentyfourteen_excerpt_more' => true, 'twentyfourteen_font_url' => true, + 'twentyfourteen_header_image' => true, 'twentyfourteen_header_style' => true, 'twentyfourteen_list_authors' => true, 'twentyfourteen_paging_nav' => true, @@ -296,6 +300,7 @@ final class PrefixAllGlobalsSniff extends AbstractFunctionParameterSniff { 'twentyten_admin_header_style' => true, 'twentyten_comment' => true, 'twentyten_continue_reading_link' => true, + 'twentyten_header_image' => true, 'twentyten_posted_in' => true, 'twentyten_posted_on' => true, 'twentyten_setup' => true, @@ -317,6 +322,9 @@ final class PrefixAllGlobalsSniff extends AbstractFunctionParameterSniff { 'twentytwenty_get_customizer_css' => true, 'twentytwenty_get_theme_svg' => true, 'twentytwenty_the_theme_svg' => true, + 'twentytwentyfour_block_styles' => true, + 'twentytwentyfour_block_stylesheets' => true, + 'twentytwentyfour_pattern_categories' => true, 'twentytwentytwo_styles' => true, 'twentytwentytwo_support' => true, 'wp_authenticate' => true, @@ -374,6 +382,8 @@ final class PrefixAllGlobalsSniff extends AbstractFunctionParameterSniff { * * Note: deprecated classes should still be included in this list as plugins may support older WP versions. * + * {@internal To be updated after every major release. Last updated for WordPress 6.5-RC3.} + * * @since 3.0.0. * * @var array Key is class name, value irrelevant. From c6513cf8055cf50e00b5aaea353ff4ab1d93072b Mon Sep 17 00:00:00 2001 From: jrfnl Date: Thu, 21 Mar 2024 05:02:13 +0100 Subject: [PATCH 34/40] NamingConventions/ValidPostTypeSlug: update the reserved post types list based on WP 6.5-RC3 Based on a scan of WP Core at commit https://github.com/WordPress/wordpress-develop/commit/359570422bf8ad97263d903c2fb7235924c8dce0 using a preliminary sniff created for issue 1803. --- WordPress/Sniffs/NamingConventions/ValidPostTypeSlugSniff.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/WordPress/Sniffs/NamingConventions/ValidPostTypeSlugSniff.php b/WordPress/Sniffs/NamingConventions/ValidPostTypeSlugSniff.php index 2e01da8abf..9b3d3db4be 100644 --- a/WordPress/Sniffs/NamingConventions/ValidPostTypeSlugSniff.php +++ b/WordPress/Sniffs/NamingConventions/ValidPostTypeSlugSniff.php @@ -63,7 +63,7 @@ final class ValidPostTypeSlugSniff extends AbstractFunctionParameterSniff { * * Source: {@link https://developer.wordpress.org/reference/functions/register_post_type/#reserved-post-types} * - * Last update: July 2023 for WP 6.3 at https://github.com/WordPress/wordpress-develop/commit/6281ce432c50345a57768bf53854d9b65b6cdd52 + * {@internal To be updated after every major release. Last updated for WordPress 6.5-RC3.} * * @since 2.2.0 * @@ -84,6 +84,8 @@ final class ValidPostTypeSlugSniff extends AbstractFunctionParameterSniff { 'theme' => true, // Not a WP post type, but prevents other problems. 'user_request' => true, 'wp_block' => true, + 'wp_font_face' => true, + 'wp_font_family' => true, 'wp_global_styles' => true, 'wp_navigation' => true, 'wp_template' => true, From 5e988d8a1c363cac245cd068c7a114a63e8ec359 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Thu, 21 Mar 2024 04:45:59 +0100 Subject: [PATCH 35/40] WP/ClassNameCase: update the class lists based on WP 6.5-RC3 Based on a scan of WP Core at commit https://github.com/WordPress/wordpress-develop/commit/359570422bf8ad97263d903c2fb7235924c8dce0 using a preliminary sniff created for issue 1803. --- WordPress/Sniffs/WP/ClassNameCaseSniff.php | 76 ++++++++++++++++++++-- 1 file changed, 69 insertions(+), 7 deletions(-) diff --git a/WordPress/Sniffs/WP/ClassNameCaseSniff.php b/WordPress/Sniffs/WP/ClassNameCaseSniff.php index e1abd225a6..7de22afd5b 100644 --- a/WordPress/Sniffs/WP/ClassNameCaseSniff.php +++ b/WordPress/Sniffs/WP/ClassNameCaseSniff.php @@ -25,7 +25,7 @@ final class ClassNameCaseSniff extends AbstractClassRestrictionsSniff { * * Note: this list will be enhanced in the class constructor. * - * {@internal To be updated after every major release. Last updated for WordPress 6.3-RC1.} + * {@internal To be updated after every major release. Last updated for WordPress 6.5-RC3.} * * @since 3.0.0 * @@ -121,6 +121,8 @@ final class ClassNameCaseSniff extends AbstractClassRestrictionsSniff { 'WP_Application_Passwords_List_Table', 'WP_Automatic_Updater', 'WP_Block', + 'WP_Block_Bindings_Registry', + 'WP_Block_Bindings_Source', 'WP_Block_Editor_Context', 'WP_Block_List', 'WP_Block_Parser', @@ -192,10 +194,21 @@ final class ClassNameCaseSniff extends AbstractClassRestrictionsSniff { 'WP_Filesystem_FTPext', 'WP_Filesystem_SSH2', 'WP_Filesystem_ftpsockets', + 'WP_Font_Collection', + 'WP_Font_Face', + 'WP_Font_Face_Resolver', + 'WP_Font_Library', + 'WP_Font_Utils', + 'WP_HTML_Active_Formatting_Elements', 'WP_HTML_Attribute_Token', + 'WP_HTML_Open_Elements', + 'WP_HTML_Processor', + 'WP_HTML_Processor_State', 'WP_HTML_Span', 'WP_HTML_Tag_Processor', 'WP_HTML_Text_Replacement', + 'WP_HTML_Token', + 'WP_HTML_Unsupported_Exception', 'WP_HTTP_Fsockopen', 'WP_HTTP_IXR_Client', 'WP_HTTP_Proxy', @@ -212,6 +225,8 @@ final class ClassNameCaseSniff extends AbstractClassRestrictionsSniff { 'WP_Image_Editor_GD', 'WP_Image_Editor_Imagick', 'WP_Importer', + 'WP_Interactivity_API', + 'WP_Interactivity_API_Directives_Processor', 'WP_Internal_Pointers', 'WP_Links_List_Table', 'WP_List_Table', @@ -226,11 +241,13 @@ final class ClassNameCaseSniff extends AbstractClassRestrictionsSniff { 'WP_Meta_Query', 'WP_Metadata_Lazyloader', 'WP_Nav_Menu_Widget', + 'WP_Navigation_Block_Renderer', 'WP_Navigation_Fallback', 'WP_Network', 'WP_Network_Query', 'WP_Object_Cache', 'WP_Paused_Extensions_Storage', + 'WP_Plugin_Dependencies', 'WP_Plugin_Install_List_Table', 'WP_Plugins_List_Table', 'WP_Post', @@ -257,6 +274,9 @@ final class ClassNameCaseSniff extends AbstractClassRestrictionsSniff { 'WP_REST_Comments_Controller', 'WP_REST_Controller', 'WP_REST_Edit_Site_Export_Controller', + 'WP_REST_Font_Collections_Controller', + 'WP_REST_Font_Faces_Controller', + 'WP_REST_Font_Families_Controller', 'WP_REST_Global_Styles_Controller', 'WP_REST_Global_Styles_Revisions_Controller', 'WP_REST_Menu_Items_Controller', @@ -282,6 +302,8 @@ final class ClassNameCaseSniff extends AbstractClassRestrictionsSniff { 'WP_REST_Sidebars_Controller', 'WP_REST_Site_Health_Controller', 'WP_REST_Taxonomies_Controller', + 'WP_REST_Template_Autosaves_Controller', + 'WP_REST_Template_Revisions_Controller', 'WP_REST_Templates_Controller', 'WP_REST_Term_Meta_Fields', 'WP_REST_Term_Search_Handler', @@ -301,6 +323,7 @@ final class ClassNameCaseSniff extends AbstractClassRestrictionsSniff { 'WP_Role', 'WP_Roles', 'WP_Screen', + 'WP_Script_Modules', 'WP_Scripts', 'WP_Session_Tokens', 'WP_Sidebar_Block_Editor_Control', @@ -341,6 +364,11 @@ final class ClassNameCaseSniff extends AbstractClassRestrictionsSniff { 'WP_Theme_JSON_Resolver', 'WP_Theme_JSON_Schema', 'WP_Themes_List_Table', + 'WP_Translation_Controller', + 'WP_Translation_File', + 'WP_Translation_File_MO', + 'WP_Translation_File_PHP', + 'WP_Translations', 'WP_Upgrader', 'WP_Upgrader_Skin', 'WP_User', @@ -384,7 +412,7 @@ final class ClassNameCaseSniff extends AbstractClassRestrictionsSniff { * * Note: this list will be enhanced in the class constructor. * - * {@internal To be updated after every major release. Last updated for WordPress 6.3-RC1.} + * {@internal To be updated after every major release. Last updated for WordPress 6.5-RC3.} * * @since 3.0.0 * @@ -412,11 +440,33 @@ final class ClassNameCaseSniff extends AbstractClassRestrictionsSniff { ); /** - * List of all GetID3 classes include in WP Core. + * List of all AVIF classes included in WP Core. * * Note: this list will be enhanced in the class constructor. * - * {@internal To be updated after every major release. Last updated for WordPress 6.3-RC1.} + * {@internal To be updated after every major release. Last updated for WordPress 6.5-RC3.} + * + * @since 3.1.0 + * + * @var string[] The class names in their "proper" case. + * The constructor will add the lowercased class name as a key to each entry. + */ + private $avif_classes = array( + 'Avifinfo\\Box', + 'Avifinfo\\Chan_Prop', + 'Avifinfo\\Dim_Prop', + 'Avifinfo\\Features', + 'Avifinfo\\Parser', + 'Avifinfo\\Prop', + 'Avifinfo\\Tile', + ); + + /** + * List of all GetID3 classes included in WP Core. + * + * Note: this list will be enhanced in the class constructor. + * + * {@internal To be updated after every major release. Last updated for WordPress 6.5-RC3.} * * @since 3.0.0 * @@ -452,7 +502,7 @@ final class ClassNameCaseSniff extends AbstractClassRestrictionsSniff { * * Note: this list will be enhanced in the class constructor. * - * {@internal To be updated after every major release. Last updated for WordPress 6.3-RC1.} + * {@internal To be updated after every major release. Last updated for WordPress 6.5-RC3.} * * @since 3.0.0 * @@ -470,7 +520,7 @@ final class ClassNameCaseSniff extends AbstractClassRestrictionsSniff { * * Note: this list will be enhanced in the class constructor. * - * {@internal To be updated after every major release. Last updated for WordPress 6.3-RC1.} + * {@internal To be updated after every major release. Last updated for WordPress 6.5-RC3.} * * @since 3.0.0 * @@ -614,7 +664,7 @@ final class ClassNameCaseSniff extends AbstractClassRestrictionsSniff { * * Note: this list will be enhanced in the class constructor. * - * {@internal To be updated after every major release. Last updated for WordPress 6.3-RC1.} + * {@internal To be updated after every major release. Last updated for WordPress 6.5-RC3.} * * @since 3.0.0 * @@ -684,6 +734,17 @@ final class ClassNameCaseSniff extends AbstractClassRestrictionsSniff { */ private $wp_themes_classes_lc = array(); + /** + * List of all AVIF classes in lowercase. + * + * This array is automatically generated in the class constructor based on the $avif_classes property. + * + * @since 3.1.0 + * + * @var string[] The class names in lowercase. + */ + private $avif_classes_lc = array(); + /** * List of all GetID3 classes in lowercase. * @@ -740,6 +801,7 @@ final class ClassNameCaseSniff extends AbstractClassRestrictionsSniff { private $class_groups = array( 'wp_classes', 'wp_themes_classes', + 'avif_classes', 'getid3_classes', 'phpmailer_classes', 'requests_classes', From 8b1ef9b07575abe22efa84b6aca14489b7d33601 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Thu, 21 Mar 2024 04:53:47 +0100 Subject: [PATCH 36/40] WP/DeprecatedClasses: update the class list based on WP 6.5-RC3 Based on a scan of WP Core at commit https://github.com/WordPress/wordpress-develop/commit/359570422bf8ad97263d903c2fb7235924c8dce0 using a preliminary sniff created for issue 1803. Includes tests. --- WordPress/Sniffs/WP/DeprecatedClassesSniff.php | 12 +++++++++++- WordPress/Tests/WP/DeprecatedClassesUnitTest.inc | 7 +++++++ WordPress/Tests/WP/DeprecatedClassesUnitTest.php | 5 ++++- 3 files changed, 22 insertions(+), 2 deletions(-) diff --git a/WordPress/Sniffs/WP/DeprecatedClassesSniff.php b/WordPress/Sniffs/WP/DeprecatedClassesSniff.php index 4c37043468..dc512c2032 100644 --- a/WordPress/Sniffs/WP/DeprecatedClassesSniff.php +++ b/WordPress/Sniffs/WP/DeprecatedClassesSniff.php @@ -41,7 +41,7 @@ final class DeprecatedClassesSniff extends AbstractClassRestrictionsSniff { * * Version numbers should be fully qualified. * - * Last update: July 2023 for WP 6.3 at https://github.com/WordPress/wordpress-develop/commit/6281ce432c50345a57768bf53854d9b65b6cdd52 + * {@internal To be updated after every major release. Last updated for WordPress 6.5-RC3.} * * @var array */ @@ -84,6 +84,16 @@ final class DeprecatedClassesSniff extends AbstractClassRestrictionsSniff { 'alt' => 'The PHP native JSON extension', 'version' => '5.3.0', ), + + // WP 6.4.0. + 'WP_Http_Curl' => array( + 'alt' => 'WP_Http', + 'version' => '6.4.0', + ), + 'WP_Http_Streams' => array( + 'alt' => 'WP_Http', + 'version' => '6.4.0', + ), ); /** diff --git a/WordPress/Tests/WP/DeprecatedClassesUnitTest.inc b/WordPress/Tests/WP/DeprecatedClassesUnitTest.inc index 7f7f38ef6f..b0bb1d4dfa 100644 --- a/WordPress/Tests/WP/DeprecatedClassesUnitTest.inc +++ b/WordPress/Tests/WP/DeprecatedClassesUnitTest.inc @@ -23,3 +23,10 @@ $json = new Services_JSON; $json = new Services_JSON_Error; class Prefix_Menu_section extends WP_Privacy_Data_Export_Requests_Table {} WP_Privacy_Data_Removal_Requests_Table::foo(); + +/* + * Warning + */ +/* ============ WP 6.4 ============ */ +WP_Http_Curl::do_something(); +$streams = new WP_Http_Streams(); diff --git a/WordPress/Tests/WP/DeprecatedClassesUnitTest.php b/WordPress/Tests/WP/DeprecatedClassesUnitTest.php index 0b82daff65..a0d2a7b41f 100644 --- a/WordPress/Tests/WP/DeprecatedClassesUnitTest.php +++ b/WordPress/Tests/WP/DeprecatedClassesUnitTest.php @@ -43,6 +43,9 @@ public function getErrorList() { * @return array Key is the line number, value is the number of expected warnings. */ public function getWarningList() { - return array(); + return array( + 31 => 1, + 32 => 1, + ); } } From 16d40a006fdcedef44d60edac1f7bbdca963376e Mon Sep 17 00:00:00 2001 From: jrfnl Date: Thu, 21 Mar 2024 05:39:06 +0100 Subject: [PATCH 37/40] WP/DeprecatedFunctions: update the functions list based on WP 6.5-RC3 Based on a scan of WP Core at commit https://github.com/WordPress/wordpress-develop/commit/359570422bf8ad97263d903c2fb7235924c8dce0 using a preliminary sniff created for issue 1803. Includes tests. --- .../Sniffs/WP/DeprecatedFunctionsSniff.php | 61 ++++++++++++++++++- .../Tests/WP/DeprecatedFunctionsUnitTest.inc | 15 +++++ .../Tests/WP/DeprecatedFunctionsUnitTest.php | 6 +- 3 files changed, 77 insertions(+), 5 deletions(-) diff --git a/WordPress/Sniffs/WP/DeprecatedFunctionsSniff.php b/WordPress/Sniffs/WP/DeprecatedFunctionsSniff.php index fc7af255e7..1b55b91910 100644 --- a/WordPress/Sniffs/WP/DeprecatedFunctionsSniff.php +++ b/WordPress/Sniffs/WP/DeprecatedFunctionsSniff.php @@ -37,15 +37,14 @@ final class DeprecatedFunctionsSniff extends AbstractFunctionRestrictionsSniff { /** * List of deprecated functions with alternative when available. * - * To be updated after every major release. - * Last updated for WordPress 6.3. - * * Version numbers should be fully qualified. * Replacement functions should have parentheses. * * To retrieve a function list for comparison, the following tool is available: * https://github.com/JDGrimes/wp-deprecated-code-scanner * + * {@internal To be updated after every major release. Last updated for WordPress 6.5-RC3.} + * * @var array */ private $deprecated_functions = array( @@ -1597,6 +1596,62 @@ final class DeprecatedFunctionsSniff extends AbstractFunctionRestrictionsSniff { 'alt' => '', 'version' => '6.3.0', ), + + // WP 6.4.0. + '_admin_bar_bump_cb' => array( + 'alt' => 'wp_enqueue_admin_bar_bump_styles()', + 'version' => '6.4.0', + ), + '_inject_theme_attribute_in_block_template_content' => array( + 'alt' => 'traverse_and_serialize_blocks( parse_blocks( $template_content ), \'_inject_theme_attribute_in_template_part_block\' )', + 'version' => '6.4.0', + ), + '_remove_theme_attribute_in_block_template_content' => array( + 'alt' => 'traverse_and_serialize_blocks( parse_blocks( $template_content ), \'_remove_theme_attribute_from_template_part_block\' )', + 'version' => '6.4.0', + ), + '_wp_theme_json_webfonts_handler' => array( + 'alt' => 'wp_print_font_faces()', + 'version' => '6.4.0', + ), + 'print_embed_styles' => array( + 'alt' => 'wp_enqueue_embed_styles()', + 'version' => '6.4.0', + ), + 'print_emoji_styles' => array( + 'alt' => 'wp_enqueue_emoji_styles()', + 'version' => '6.4.0', + ), + 'the_block_template_skip_link' => array( + 'alt' => 'wp_enqueue_block_template_skip_link()', + 'version' => '6.4.0', + ), + 'wp_admin_bar_header' => array( + 'alt' => 'wp_enqueue_admin_bar_header_styles()', + 'version' => '6.4.0', + ), + 'wp_img_tag_add_decoding_attr' => array( + 'alt' => 'wp_img_tag_add_loading_optimization_attrs()', + 'version' => '6.4.0', + ), + 'wp_update_https_detection_errors' => array( + 'alt' => 'wp_get_https_detection_errors()', + 'version' => '6.4.0', + ), + + // WP 6.5.0. + 'block_core_file_ensure_interactivity_dependency' => array( + 'alt' => 'wp_register_script_module()', + 'version' => '6.5.0', + ), + 'block_core_image_ensure_interactivity_dependency' => array( + 'alt' => 'wp_register_script_module()', + 'version' => '6.5.0', + ), + 'block_core_query_ensure_interactivity_dependency' => array( + 'alt' => 'wp_register_script_module()', + 'version' => '6.5.0', + ), ); /** diff --git a/WordPress/Tests/WP/DeprecatedFunctionsUnitTest.inc b/WordPress/Tests/WP/DeprecatedFunctionsUnitTest.inc index e0f8483af2..5c592b70d7 100644 --- a/WordPress/Tests/WP/DeprecatedFunctionsUnitTest.inc +++ b/WordPress/Tests/WP/DeprecatedFunctionsUnitTest.inc @@ -411,3 +411,18 @@ wp_tinycolor_hsl_to_rgb(); wp_tinycolor_hue_to_rgb(); wp_tinycolor_rgb_to_rgb(); wp_tinycolor_string_to_rgb(); +/* ============ WP 6.4 ============ */ +_admin_bar_bump_cb(); +_inject_theme_attribute_in_block_template_content(); +_remove_theme_attribute_in_block_template_content(); +_wp_theme_json_webfonts_handler(); +print_embed_styles(); +print_emoji_styles(); +the_block_template_skip_link(); +wp_admin_bar_header(); +wp_img_tag_add_decoding_attr(); +wp_update_https_detection_errors(); +/* ============ WP 6.5 ============ */ +block_core_file_ensure_interactivity_dependency(); +block_core_image_ensure_interactivity_dependency(); +block_core_query_ensure_interactivity_dependency(); diff --git a/WordPress/Tests/WP/DeprecatedFunctionsUnitTest.php b/WordPress/Tests/WP/DeprecatedFunctionsUnitTest.php index b3e66f34b0..0aeaec42fa 100644 --- a/WordPress/Tests/WP/DeprecatedFunctionsUnitTest.php +++ b/WordPress/Tests/WP/DeprecatedFunctionsUnitTest.php @@ -86,7 +86,7 @@ public function getErrorList() { */ public function getWarningList() { $start_line = 368; - $end_line = 413; + $end_line = 428; $warnings = array_fill( $start_line, ( ( $end_line - $start_line ) + 1 ), 1 ); // Unset the lines related to version comments. @@ -95,7 +95,9 @@ public function getWarningList() { $warnings[375], $warnings[377], $warnings[387], - $warnings[390] + $warnings[390], + $warnings[414], + $warnings[425] ); return $warnings; From 4e384e2067b15f33bc962c8586767dae2862ac12 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Thu, 21 Mar 2024 16:12:59 +0100 Subject: [PATCH 38/40] Update the `minimum_wp_version` to WP 6.2 The minimum version should be three versions behind the latest WP release, so what with 6.5 being in RC, to be released on next week, it should now become 6.2. Includes updating the tests to match. Previous: 2121, 2321 --- WordPress/Helpers/MinimumWPVersionTrait.php | 2 +- .../Tests/DB/PreparedSQLPlaceholdersUnitTest.inc | 8 ++++---- .../Tests/DB/PreparedSQLPlaceholdersUnitTest.php | 2 +- WordPress/Tests/WP/DeprecatedFunctionsUnitTest.inc | 8 ++++---- WordPress/Tests/WP/DeprecatedFunctionsUnitTest.php | 14 +++++++------- .../Tests/WP/DeprecatedParametersUnitTest.inc | 2 +- .../Tests/WP/DeprecatedParametersUnitTest.php | 8 ++------ 7 files changed, 20 insertions(+), 24 deletions(-) diff --git a/WordPress/Helpers/MinimumWPVersionTrait.php b/WordPress/Helpers/MinimumWPVersionTrait.php index 92df2a4a6e..15679337e0 100644 --- a/WordPress/Helpers/MinimumWPVersionTrait.php +++ b/WordPress/Helpers/MinimumWPVersionTrait.php @@ -79,7 +79,7 @@ trait MinimumWPVersionTrait { * * @var string WordPress version. */ - private $default_minimum_wp_version = '6.0'; + private $default_minimum_wp_version = '6.2'; /** * Overrule the minimum supported WordPress version with a command-line/config value. diff --git a/WordPress/Tests/DB/PreparedSQLPlaceholdersUnitTest.inc b/WordPress/Tests/DB/PreparedSQLPlaceholdersUnitTest.inc index bbceb7ce5b..19af3655a7 100644 --- a/WordPress/Tests/DB/PreparedSQLPlaceholdersUnitTest.inc +++ b/WordPress/Tests/DB/PreparedSQLPlaceholdersUnitTest.inc @@ -343,10 +343,10 @@ $where = $wpdb->prepare( ); // OK. // Disregard comments in the array_fill() $value param. -$wpdb->prepare( ' - xxx IN ( ' . implode( ',', array_fill( 0, count( $post_types ), '%i' /*comment*/ ) ) . ' )', - $fields -); // IdentifierWithinIN. +// Also test handling of %i when minimum supported WP version is not high enough yet. +// phpcs:set WordPress.DB.PreparedSQLPlaceholders minimum_wp_version 6.0 +$wpdb->prepare( 'xxx IN ( ' . implode( ',', array_fill( 0, count( $post_types ), '%i' /*comment*/ ) ) . ' )', $fields ); // IdentifierWithinIN. +// phpcs:set WordPress.DB.PreparedSQLPlaceholders minimum_wp_version $where = $wpdb->prepare( "{$wpdb->posts}.post_type IN (" diff --git a/WordPress/Tests/DB/PreparedSQLPlaceholdersUnitTest.php b/WordPress/Tests/DB/PreparedSQLPlaceholdersUnitTest.php index 10acc9493d..df0bc753bf 100644 --- a/WordPress/Tests/DB/PreparedSQLPlaceholdersUnitTest.php +++ b/WordPress/Tests/DB/PreparedSQLPlaceholdersUnitTest.php @@ -101,7 +101,7 @@ public function getErrorList() { 315 => 1, 322 => 1, - 347 => 2, // UnsupportedIdentifierPlaceholder + IdentifierWithinIN. + 348 => 2, // UnsupportedIdentifierPlaceholder + IdentifierWithinIN. 353 => 1, // Named parameter support. diff --git a/WordPress/Tests/WP/DeprecatedFunctionsUnitTest.inc b/WordPress/Tests/WP/DeprecatedFunctionsUnitTest.inc index 5c592b70d7..32a86faced 100644 --- a/WordPress/Tests/WP/DeprecatedFunctionsUnitTest.inc +++ b/WordPress/Tests/WP/DeprecatedFunctionsUnitTest.inc @@ -360,10 +360,6 @@ _excerpt_render_inner_columns_blocks(); readonly(); /* ============ WP 5.9.1 ============ */ wp_render_duotone_filter_preset(); - -/* - * Warning. - */ /* ============ WP 6.0 ============ */ image_attachment_fields_to_save(); wp_add_iframed_editor_assets_html(); @@ -384,6 +380,10 @@ install_global_terms(); sync_category_tag_slugs(); wp_get_attachment_thumb_file(); wp_typography_get_css_variable_inline_style(); + +/* + * Warning. + */ /* ============ WP 6.2 ============ */ _resolve_home_block_template(); get_page_by_title(); diff --git a/WordPress/Tests/WP/DeprecatedFunctionsUnitTest.php b/WordPress/Tests/WP/DeprecatedFunctionsUnitTest.php index 0aeaec42fa..b1bc8470e9 100644 --- a/WordPress/Tests/WP/DeprecatedFunctionsUnitTest.php +++ b/WordPress/Tests/WP/DeprecatedFunctionsUnitTest.php @@ -28,7 +28,7 @@ final class DeprecatedFunctionsUnitTest extends AbstractSniffUnitTest { */ public function getErrorList() { $start_line = 8; - $end_line = 362; + $end_line = 382; $errors = array_fill( $start_line, ( ( $end_line - $start_line ) + 1 ), 1 ); // Unset the lines related to version comments. @@ -73,7 +73,11 @@ public function getErrorList() { $errors[353], $errors[357], $errors[359], - $errors[361] + $errors[361], + $errors[363], + $errors[369], + $errors[371], + $errors[373] ); return $errors; @@ -85,16 +89,12 @@ public function getErrorList() { * @return array Key is the line number, value is the number of expected warnings. */ public function getWarningList() { - $start_line = 368; + $start_line = 388; $end_line = 428; $warnings = array_fill( $start_line, ( ( $end_line - $start_line ) + 1 ), 1 ); // Unset the lines related to version comments. unset( - $warnings[373], - $warnings[375], - $warnings[377], - $warnings[387], $warnings[390], $warnings[414], $warnings[425] diff --git a/WordPress/Tests/WP/DeprecatedParametersUnitTest.inc b/WordPress/Tests/WP/DeprecatedParametersUnitTest.inc index 7c8c37ab33..0618b9bca0 100644 --- a/WordPress/Tests/WP/DeprecatedParametersUnitTest.inc +++ b/WordPress/Tests/WP/DeprecatedParametersUnitTest.inc @@ -94,6 +94,6 @@ wp_notify_postauthor( '', 'null' ); // Null as a string not null. wp_title_rss( 'deprecated' ); wp_upload_bits( '', 'deprecated' ); xfn_check( '', '', 'deprecated' ); +global_terms( $foo, 'deprecated' ); // All will give an WARNING as they have been deprecated after WP 5.8. -global_terms( $foo, 'deprecated' ); diff --git a/WordPress/Tests/WP/DeprecatedParametersUnitTest.php b/WordPress/Tests/WP/DeprecatedParametersUnitTest.php index 5f4a6432a8..5022b72469 100644 --- a/WordPress/Tests/WP/DeprecatedParametersUnitTest.php +++ b/WordPress/Tests/WP/DeprecatedParametersUnitTest.php @@ -28,7 +28,7 @@ final class DeprecatedParametersUnitTest extends AbstractSniffUnitTest { */ public function getErrorList() { $start_line = 42; - $end_line = 96; + $end_line = 97; $errors = array_fill( $start_line, ( ( $end_line - $start_line ) + 1 ), 1 ); $errors[22] = 1; @@ -51,10 +51,6 @@ public function getErrorList() { * @return array Key is the line number, value is the number of expected warnings. */ public function getWarningList() { - $start_line = 99; - $end_line = 99; - $errors = array_fill( $start_line, ( ( $end_line - $start_line ) + 1 ), 1 ); - - return $errors; + return array(); } } From d4afaba9794e304cd41cbdf589446d5ef5eb1fd1 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Thu, 21 Mar 2024 19:16:11 +0100 Subject: [PATCH 39/40] Composer: raise the minimum supported PHPCSUtils version to 1.0.10 Nothing major in the 1.0.10 release, but updating the requirement prevents us having to deal with invalid bug reports when people would already be running WPCS against PHP 8.4, as two issues related to a PHP 8.4 deprecation have been fixed. Ref: https://github.com/PHPCSStandards/PHPCSUtils/releases/tag/1.0.10 --- .github/CONTRIBUTING.md | 2 +- composer.json | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index 4904cd9e7e..8990d1a7b1 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -40,7 +40,7 @@ When you introduce new `public` sniff properties, or your sniff extends a class ## Pre-requisites * WordPress-Coding-Standards * PHP_CodeSniffer 3.9.0 or higher -* PHPCSUtils 1.0.9 or higher +* PHPCSUtils 1.0.10 or higher * PHPCSExtra 1.2.1 or higher * PHPUnit 4.x - 9.x diff --git a/composer.json b/composer.json index 2a41cd4c51..5d35f95f21 100644 --- a/composer.json +++ b/composer.json @@ -22,7 +22,7 @@ "ext-tokenizer": "*", "ext-xmlreader": "*", "squizlabs/php_codesniffer": "^3.9.0", - "phpcsstandards/phpcsutils": "^1.0.9", + "phpcsstandards/phpcsutils": "^1.0.10", "phpcsstandards/phpcsextra": "^1.2.1" }, "require-dev": { From 87ab2047b836cc79ec34305525b21134e0845178 Mon Sep 17 00:00:00 2001 From: jrfnl Date: Tue, 14 Nov 2023 03:03:31 +0100 Subject: [PATCH 40/40] Changelog for the release of WordPressCS 3.1.0 --- CHANGELOG.md | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6aacee386f..c31047a355 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,36 @@ This projects adheres to [Semantic Versioning](https://semver.org/) and [Keep a _No documentation available about unreleased changes as of yet._ +## [3.1.0] - 2024-03-25 + +### Added +- WordPress-Core ruleset: now includes the `Universal.PHP.LowercasePHPTag` sniff. +- WordPress-Extra ruleset: now includes the `Generic.CodeAnalysis.RequireExplicitBooleanOperatorPrecedence` and the `Universal.CodeAnalysis.NoDoubleNegative` sniffs. +- The `sanitize_locale_name()` function to the list of known "escaping" functions. Props [@Chouby] +- The `sanitize_locale_name()` function to the list of known "sanitize & unslash" functions. Props [@Chouby] + +### Changed + +- The minimum required `PHP_CodeSniffer` version to 3.9.0 (was 3.7.2). +- The minimum required `PHPCSUtils` version to 1.0.10 (was 1.0.8). +- The minimum required `PHPCSExtra` version to 1.2.1 (was 1.1.0). + Please ensure you run `composer update wp-coding-standards/wpcs --with-dependencies` to benefit from these updates. +- Core ruleset: the spacing after the `use` keyword for closure `use` statements will now consistently be checked. Props [@westonruter] for reporting. +- The default value for `minimum_wp_version`, as used by a [number of sniffs detecting usage of deprecated WP features](https://github.com/WordPress/WordPress-Coding-Standards/wiki/Customizable-sniff-properties#various-sniffs-set-the-minimum-supported-wp-version), has been updated to `6.2`. +- `WordPress.NamingConventions.PrefixAllGlobals` has been updated to recognize pluggable functions introduced in WP 6.4 and 6.5. +- `WordPress.NamingConventions.ValidPostTypeSlug` has been updated to recognize reserved post types introduced in WP 6.4 and 6.5. +- `WordPress.WP.ClassNameCase` has been updated to recognize classes introduced in WP 6.4 and 6.5. +- `WordPress.WP.DeprecatedClasses` now detects classes deprecated in WordPress up to WP 6.5. +- `WordPress.WP.DeprecatedFunctions` now detects functions deprecated in WordPress up to WP 6.5. +- The `IsUnitTestTrait` will now recognize classes which extend the new WP Core `WP_Font_Face_UnitTestCase` class as test classes. +- The test suite can now run on PHPUnit 4.x - 9.x (was 4.x - 7.x), which should make contributing more straight forward. +- Various housekeeping, includes a contribution from [@rodrigoprimo]. + +### Fixed + +- `WordPress.WP.PostsPerPage` could potentially result in an `Internal.Exception` when encountering a query string which doesn't include the value for `posts_per_page` in the query string. Props [@anomiex] for reporting. + + ## [3.0.1] - 2023-09-14 ### Added @@ -1571,8 +1601,10 @@ See the comparison for full list. Initial tagged release. [Composer PHPCS plugin]: https://github.com/PHPCSStandards/composer-installer +[PHP_CodeSniffer]: https://github.com/PHPCSStandards/PHP_CodeSniffer [Unreleased]: https://github.com/WordPress/WordPress-Coding-Standards/compare/main...HEAD +[3.1.0]: https://github.com/WordPress/WordPress-Coding-Standards/compare/3.0.1...3.1.0 [3.0.1]: https://github.com/WordPress/WordPress-Coding-Standards/compare/3.0.0...3.0.1 [3.0.0]: https://github.com/WordPress/WordPress-Coding-Standards/compare/2.3.0...3.0.0 [2.3.0]: https://github.com/WordPress/WordPress-Coding-Standards/compare/2.2.1...2.3.0 @@ -1604,6 +1636,7 @@ Initial tagged release. [2013-10-06]: https://github.com/WordPress/WordPress-Coding-Standards/compare/2013-06-11...2013-10-06 [@anomiex]: https://github.com/anomiex +[@Chouby]: https://github.com/Chouby [@ckanitz]: https://github.com/ckanitz [@craigfrancis]: https://github.com/craigfrancis [@dawidurbanski]: https://github.com/dawidurbanski @@ -1615,5 +1648,7 @@ Initial tagged release. [@Luc45]: https://github.com/Luc45 [@marconmartins]: https://github.com/marconmartins [@NielsdeBlaauw]: https://github.com/NielsdeBlaauw +[@rodrigoprimo]: https://github.com/rodrigoprimo [@slaFFik]: https://github.com/slaFFik [@sandeshjangam]: https://github.com/sandeshjangam +[@westonruter]: https://github.com/westonruter