diff --git a/.github/workflows/basics.yml b/.github/workflows/basics.yml
index 9392d9a8..9ce6955c 100644
--- a/.github/workflows/basics.yml
+++ b/.github/workflows/basics.yml
@@ -29,7 +29,7 @@ jobs:
- name: Install PHP
uses: shivammathur/setup-php@v2
with:
- php-version: '7.4'
+ php-version: 'latest'
coverage: none
tools: cs2pr
diff --git a/.github/workflows/quicktest.yml b/.github/workflows/quicktest.yml
index bab7311f..350c09d2 100644
--- a/.github/workflows/quicktest.yml
+++ b/.github/workflows/quicktest.yml
@@ -28,17 +28,17 @@ jobs:
include:
- php: '5.4'
phpcs_version: 'dev-master'
- wpcs_version: '2.3.*'
+ wpcs_version: '3.0.*'
- php: '5.4'
- phpcs_version: '3.7.1'
- wpcs_version: '2.3.*'
+ phpcs_version: '3.7.2'
+ wpcs_version: '3.0.*'
- php: 'latest'
phpcs_version: 'dev-master'
- wpcs_version: '2.3.*'
+ wpcs_version: '3.0.*'
- php: 'latest'
- phpcs_version: '3.7.1'
- wpcs_version: '2.3.*'
+ phpcs_version: '3.7.2'
+ wpcs_version: '3.0.*'
name: "QTest${{ matrix.phpcs_version == 'dev-master' && ' + Lint' || '' }}: PHP ${{ matrix.php }} - PHPCS ${{ matrix.phpcs_version }}"
@@ -48,7 +48,6 @@ jobs:
# On stable PHPCS versions, allow for PHP deprecation notices.
# Unit tests don't need to fail on those for stable releases where those issues won't get fixed anymore.
- # Note: the "elif" condition is temporary and should be removed once VIPCS updates to WPCS 3.0+.
- name: Setup ini config
id: set_ini
run: |
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index c0f698fd..0de1b5eb 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -72,13 +72,13 @@ jobs:
# no additional versions are included in the array.
matrix:
php: ['5.4', '5.5', '5.6', '7.0', '7.1', '7.2', '7.3', '7.4', '8.0', '8.1', '8.2']
- phpcs_version: ['3.7.1', 'dev-master']
- wpcs_version: ['2.3.*']
+ phpcs_version: ['3.7.2', 'dev-master']
+ wpcs_version: ['3.0.*']
include:
- php: '8.3'
phpcs_version: 'dev-master'
- wpcs_version: '2.3.*'
+ wpcs_version: '3.0.*'
name: "Test: PHP ${{ matrix.php }} - PHPCS ${{ matrix.phpcs_version }} - WPCS ${{ matrix.wpcs_version }}"
@@ -90,14 +90,11 @@ jobs:
# On stable PHPCS versions, allow for PHP deprecation notices.
# Unit tests don't need to fail on those for stable releases where those issues won't get fixed anymore.
- # Note: the "elif" condition is temporary and should be removed once VIPCS updates to WPCS 3.0+.
- name: Setup ini config
id: set_ini
run: |
if [[ "${{ matrix.phpcs_version }}" != "dev-master" ]]; then
echo 'PHP_INI=error_reporting=E_ALL & ~E_DEPRECATED' >> $GITHUB_OUTPUT
- elif [[ "${{ matrix.php }}" == "8.1" ]]; then
- echo 'PHP_INI=error_reporting=E_ALL & ~E_DEPRECATED' >> $GITHUB_OUTPUT
else
echo 'PHP_INI=error_reporting=-1' >> $GITHUB_OUTPUT
fi
diff --git a/.phpcs.xml.dist b/.phpcs.xml.dist
index 0b06835d..a0049b7b 100644
--- a/.phpcs.xml.dist
+++ b/.phpcs.xml.dist
@@ -19,8 +19,7 @@
-
-
+
diff --git a/README.md b/README.md
index 1bcb6465..1006b175 100644
--- a/README.md
+++ b/README.md
@@ -16,9 +16,9 @@ Go to https://docs.wpvip.com/technical-references/code-review/phpcs-report/ to l
## Minimal requirements
* PHP 5.4+
-* [PHPCS 3.7.1+](https://github.com/squizlabs/PHP_CodeSniffer/releases)
+* [PHPCS 3.7.2+](https://github.com/squizlabs/PHP_CodeSniffer/releases)
* [PHPCSUtils 1.0.8+](https://github.com/PHPCSStandards/PHPCSUtils)
-* [WPCS 2.3.0+](https://github.com/WordPress-Coding-Standards/WordPress-Coding-Standards/releases)
+* [WPCS 3.0.0+](https://github.com/WordPress-Coding-Standards/WordPress-Coding-Standards/releases)
* [VariableAnalysis 2.11.17+](https://github.com/sirbrillig/phpcs-variable-analysis/releases)
## Installation
@@ -35,7 +35,7 @@ composer g config allow-plugins.dealerdirect/phpcodesniffer-composer-installer t
composer g require automattic/vipwpcs
```
-This will install the latest compatible versions of PHPCS, PHPCSUtils, WPCS and VariableAnalysis and register the external standards with PHP_CodeSniffer.
+This will install the latest compatible versions of PHPCS, PHPCSUtils, PHPCSExtra, WPCS and VariableAnalysis and register the external standards with PHP_CodeSniffer.
Please refer to the [installation instructions for installing PHP_CodeSniffer for WordPress.com VIP](https://docs.wpvip.com/how-tos/code-review/php_codesniffer/) for more details.
diff --git a/WordPress-VIP-Go/ruleset-test.inc b/WordPress-VIP-Go/ruleset-test.inc
index d151ad67..773842b0 100644
--- a/WordPress-VIP-Go/ruleset-test.inc
+++ b/WordPress-VIP-Go/ruleset-test.inc
@@ -59,7 +59,7 @@ if ( isset( $_SERVER['HTTP_USER_AGENT'] ) && $_SERVER['HTTP_USER_AGENT'] === 'so
// Make sure nonce verification is done in global scope to silence notices about use of superglobals without later on in the file.
isset( $_GET['my_nonce'] ) && wp_verify_nonce( sanitize_text_field( $_GET['my_nonce'] ) );
-// WordPress.WP.AlternativeFunctions.file_system_read_fopen
+// WordPress.WP.AlternativeFunctions.file_system_operations_fopen
fopen( 'file.txt', 'r' ); // Warning + Message.
// WordPressVIPMinimum.Performance.FetchingRemoteData.FileGetContentsUnknown
@@ -153,7 +153,7 @@ url_to_postid( $url ); // Warning + Message.
wpcom_vip_old_slug_redirect(); // Ok.
wp_old_slug_redirect(); // Warning.
-// WordPress.CodeAnalysis.AssignmentInCondition.Found
+// Generic.CodeAnalysis.AssignmentInCondition.Found
if ($a = 123) { // Warning.
}
@@ -165,7 +165,7 @@ rawurlencode(); // Ok.
extract( array( 'a' => 1 ) ); // Error.
$obj->extract(); // Ok.
-// WordPress.PHP.StrictComparisons.LooseComparison
+// Universal.Operators.StrictComparisons
true == $true; // Warning.
false === $true; // Ok.
@@ -557,7 +557,7 @@ echo " 999, // Warning.
);
_query_posts( 'posts_per_page=999' ); // Warning.
@@ -45,7 +45,7 @@ $query_args['posts_per_page'] = 999; // Warning.
date_default_timezone_set( 'FooBar' ); // Error.
// WordPress.DB.PreparedSQL
-$b = function () {
+$b = function () { // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable
global $wpdb;
$listofthings = wp_cache_get( 'foo' );
if ( ! $listofthings ) {
@@ -57,7 +57,7 @@ $b = function () {
};
// WordPress.DB.DirectDatabaseQuery
-$baz = $wpdb->get_results( $wpdb->prepare( 'SELECT X FROM Y ' ) ); // Warning x 2.
+$baz = $wpdb->get_results( $wpdb->prepare( 'SELECT X FROM Y ' ) ); // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable -- Warning x 2.
// WordPress.DB.SlowDBQuery
$test = [
@@ -72,11 +72,11 @@ new WP_Query( array(
// WordPress.WP.GlobalVariablesOverride
$GLOBALS['wpdb'] = 'test'; // Error.
-// WordPress.PHP.StrictComparisons
+// Universal.Operators.StrictComparisons
if ( true == $true ) { // Warning.
}
-// WordPress.CodeAnalysis.AssignmentInCondition
+// Generic.CodeAnalysis.AssignmentInCondition
if ( $test = get_post( $post ) ) { // Warning.
}
@@ -139,9 +139,9 @@ serialize(); // Warning.
unserialize(); // Warning.
urlencode(); // Warning.
passthru( 'cat myfile.zip', $err ); // Warning.
-$process = proc_open( 'php', $descriptorspec, $pipes, $cwd, $env ); // Warning.
-$last_line = system( 'ls', $retval ); // Warning.
-$handle = popen( '/bin/ls', 'r' ); // Warning.
+$process = proc_open( 'php', $descriptorspec, $pipes, $cwd, $env ); // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable -- Warning.
+$last_line = system( 'ls', $retval ); // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable -- Warning.
+$handle = popen( '/bin/ls', 'r' ); // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable -- Warning.
// WordPress.PHP.DiscouragedPHPFunctions.runtime_configuration_error_reporting
error_reporting(); // Error.
@@ -174,7 +174,7 @@ dl(); // Error.
exec( 'whoami' ); // Error.
// WordPress.PHP.DiscouragedPHPFunctions.system_calls_shell_exec
-$output = shell_exec( 'ls -lart' ); // Error.
+$output = shell_exec( 'ls -lart' ); // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable -- Error.
// WordPress.PHP.DevelopmentFunctions
var_dump(); // Warning.
@@ -243,7 +243,7 @@ curl_init(); // Warning + Message.
curl_close( $ch ); // Warning + Message.
CURL_getinfo(); // Warning + Message.
parse_url( 'http://example.com/' ); // Warning.
-$json = json_encode( $thing ); // Warning.
+$json = json_encode( $thing ); // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable -- Warning.
readfile(); // Warning.
fclose(); // Warning.
fopen(); // Warning.
@@ -402,7 +402,7 @@ wp_remote_get( $url ); // Warning.
setcookie( 'cookie[three]', 'cookiethree' ); // Error.
get_posts(); // Warning.
wp_get_recent_posts(); // Warning.
-$wp_random_testing = create_function( '$a, $b', 'return ( $b / $a ); '); // Warning.
+$wp_random_testing = create_function( '$a, $b', 'return ( $b / $a ); '); // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable -- Warning.
wpcom_vip_get_term_link(); // Warning.
wpcom_vip_get_term_by(); // Warning.
wpcom_vip_get_category_by_slug(); // Warning.
@@ -447,11 +447,11 @@ add_filter( 'robots_txt', function() { // Warning.
// WordPressVIPMinimum.Performance.CacheValueOverride
-$bad_wp_users = wp_cache_get( md5( self::CACHE_KEY . '_wp_users'), self::CACHE_GROUP );
-$bad_wp_users = false; // Error.
+$bad_wp_users = wp_cache_get( md5( self::CACHE_KEY . '_wp_users'), self::CACHE_GROUP ); // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable
+$bad_wp_users = false; // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable -- Error.
// WordPressVIPMinimum.Performance.FetchingRemoteData
-$external_resource = file_get_contents( 'https://example.com' ); // Warning.
+$external_resource = file_get_contents( 'https://example.com' ); // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable -- Warning.
// WordPressVIPMinimum.Performance.LowExpiryCacheTime
wp_cache_set( 'test', $data, $group, 100 ); // Warning.
@@ -459,13 +459,13 @@ wp_cache_add( 123, $data, null, 1.5 * MINUTE_IN_SECONDS ); // Warning.
wp_cache_replace( 'test', $data, $group, 2*MINUTE_IN_SECONDS ); // Warning.
// WordPressVIPMinimum.Performance.NoPaging
-$args = array(
+$args = array( // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable
'nopaging' => true, // Error.
);
_query_posts( 'nopaging=true' ); // Error.
// WordPressVIPMinimum.Performance.OrderByRand
-$args = array(
+$args = array( // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable
"orderby" => "RAND", // Error.
);
$query_args['orderby'] = 'rand'; // Error.
@@ -585,9 +585,9 @@ echo ''; /
users"; // Error.
-$x = foo( sanitize_text_field( $_SERVER['HTTP_USER_AGENT'] ) ); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotValidated -- Warning.
-foo( $_SESSION['bar'] ); // Error.
+$query = "SELECT * FROM $wpdb->users"; // phpcs:ignore VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable -- Error.
+$x = foo( sanitize_text_field( $_SERVER['HTTP_USER_AGENT'] ) ); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput.InputNotValidated,VariableAnalysis.CodeAnalysis.VariableAnalysis.UnusedVariable -- Warning.
+foo( $_SESSION['bar'] ); // phpcs:ignore WordPress.Security.ValidatedSanitizedInput -- Error.
// WordPressVIPMinimum.Variables.ServerVariables
// phpcs:disable WordPress.Security.ValidatedSanitizedInput.InputNotValidated,WordPress.Security.ValidatedSanitizedInput.InputNotSanitized
@@ -614,6 +614,9 @@ class MyClass {
>>>>>>> // Error.
diff --git a/WordPressVIPMinimum/ruleset-test.php b/WordPressVIPMinimum/ruleset-test.php
index 881da76b..05076415 100644
--- a/WordPressVIPMinimum/ruleset-test.php
+++ b/WordPressVIPMinimum/ruleset-test.php
@@ -197,7 +197,7 @@
597 => 1,
612 => 1,
614 => 1,
- 618 => 1,
+ 621 => 1,
],
'warnings' => [
32 => 1,
@@ -290,6 +290,7 @@
559 => 1,
565 => 1,
589 => 1,
+ 618 => 1,
],
'messages' => [
130 => [
diff --git a/WordPressVIPMinimum/ruleset.xml b/WordPressVIPMinimum/ruleset.xml
index 87394301..13670326 100644
--- a/WordPressVIPMinimum/ruleset.xml
+++ b/WordPressVIPMinimum/ruleset.xml
@@ -36,8 +36,11 @@
-
-
+
+ warning
+
+
+
@@ -132,10 +135,32 @@
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/composer.json b/composer.json
index 005944eb..7f4db735 100644
--- a/composer.json
+++ b/composer.json
@@ -17,10 +17,11 @@
],
"require": {
"php": ">=5.4",
+ "phpcsstandards/phpcsextra": "^1.1.0",
"phpcsstandards/phpcsutils": "^1.0.8",
"sirbrillig/phpcs-variable-analysis": "^2.11.17",
- "squizlabs/php_codesniffer": "^3.7.1",
- "wp-coding-standards/wpcs": "^2.3"
+ "squizlabs/php_codesniffer": "^3.7.2",
+ "wp-coding-standards/wpcs": "^3.0"
},
"require-dev": {
"php-parallel-lint/php-parallel-lint": "^1.3.2",
diff --git a/tests/RulesetTest.php b/tests/RulesetTest.php
index 41a95074..f6fed8fe 100644
--- a/tests/RulesetTest.php
+++ b/tests/RulesetTest.php
@@ -148,7 +148,7 @@ private function collect_phpcs_result() {
}
$shell = sprintf(
- '%1$s%2$s --severity=1 --standard=%3$s --report=json --runtime-set minimum_supported_wp_version 0 ./%3$s/ruleset-test.inc',
+ '%1$s%2$s --severity=1 --standard=%3$s --report=json ./%3$s/ruleset-test.inc',
$php, // Current PHP executable if available.
$this->phpcs_bin,
$this->ruleset