3.0: support WordPressCS 3.0 #779

WordPressCS 3.0.0 has been released and requires a minimum PHPCS version of 3.7.2. This commit updates the WordPressCS and PHPCS dependencies and the documentation referring to those, in all the relevant places. Includes: * Removing the DealerDirect plugin from `require` as it comes with WordPressCS 3.0.0 automatically (via PHPCSUtils) and not having the explicit dependency may prevent conflicts with allowed versions in the future. * Updating the PHP version on which the CS check for the VIPCS native code is being run. With WPCS 3.0, this check is no longer limited to PHP 7.4. * Removing a work-around for WPCS < 3.0 vs PHP 8.0 * Updating the VIPCS native `.phpcs.xml.dist` ruleset. Ref: https://github.com/WordPress/WordPress-Coding-Standards/releases/tag/3.0.0

These are no longer needed with WPCS 3.0.0. Ref: 746

…nctionsTrait Note: this does mean that the sniff will now also support a `public` `customPrintingFunctions` property which can be adjusted in a custom ruleset. Co-authored-by: Gary Jones <gary.jones@automattic.com>

…t_or_empty() Co-authored-by: Gary Jones <gary.jones@automattic.com>

…rge_custom_array() Co-authored-by: Gary Jones <gary.jones@automattic.com>

…eceived `$val` The `$val` parameter received by the `callback()` method will no longer automatically have been stripped of quotes. This adjusts the `callback()` methods of the sniff which extend the WPCS `AbstractArrayAssignmentRestrictions` sniff to take this into account.

Includes adding PHPCSExtra to the `composer.json` configuration as that is now a direct dependency of VIPCS as VIPCS now uses one of its sniffs in the ruleset. Co-authored-by: Gary Jones <gary.jones@automattic.com>

... which has been split.

…niff ... to prevent introducing new duplicate error messages. Co-authored-by: Gary Jones <gary.jones@automattic.com>

* The `WordPress.Security.ValidatedSanitizedInput` sniff will now also examine `$_SESSION` variables. As the test is about another sniff, let's just ignore the notices coming from `WordPress.Security.ValidatedSanitizedInput`.

To be honest, I'm completely stumped. I can't, for the life of me, think of a reason why the update of the WPCS dependency would suddenly cause all sorts of notices from the `VariableAnalysis` to show, where they previously did not. * It can't be related to the version update of the `VariableAnalysis` sniff in VIPCS 2.3.4, nor the move of the properties from the Go ruleset to the Minimum ruleset as, in that case, the build for the earlier PR/commit should also have been failing. * It can't be related to the VIPCS native `VariableAnalysis` sniff being removed as, in that case, the build for the earlier PR/commit should also have been failing. * VA and WPCS currently have two overlapping CS related dependencies. - PHP_CodeSniffer itself, but as they both use the same version, that can not be a reason for the change in the results. - The Composer plugin, but that shouldn't influence the scan results, other than if a ruleset would not be registered, but if that were the case (for VA), the tests should have been failing before on line 264, which specifically tests the VA standard triggering a notice (and yes, I checked, it did do so correctly before and after). * No new parse errors were accidentally introduced into the test files. As things are, I'm out of ideas of why these warnings are now suddenly showing up, so all I can do is fix them (by selectively silencing the notices from VA). Note: this is only happening in the Minimum ruleset test as VIPGo silences the `UnusedVariable` notice completely.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

3.0: support WordPressCS 3.0 #779

3.0: support WordPressCS 3.0 #779

Commits on Aug 24, 2023