VIP-Coding-Standards
VIP-Coding-Standards copied to clipboard
Automattic
PHP_CodeSniffer ruleset to enforce WordPress VIP coding standards.
## Bug Description The VIP Go standard uses `WordPress.Security.EscapeOutput.OutputNotEscaped` but doesn't recognize that the deprecated [`wpcom_vip_get_resized_remote_image_url()` function](https://github.com/Automattic/vip-go-mu-plugins/blob/dfc36174ce2274def920a9ed4bf88e7d50303b35/vip-helpers/vip-deprecated.php#L1130-L1139) auto-escapes if it's fourth argument is true (default). Since it's conditional, we can't...
## What problem would the enhancement address for VIP? When a file includes a load of other includes/requires, then part of the path might be assigned to a variable, to...
## What problem would the enhancement address for VIP? The frequency with which "Warning: File inclusion using custom constant (`PREFIX_PATH`). Probably needs manual inspection (WordPressVIPMinimum.Files.IncludingFile.UsingCustomConstant)." shows up just below a...
We probably should enforce esc_url for any urls.
Things I'd like to see for this repo: - [x] Change log - [ ] Roadmap / proposed release schedule - [x] Milestones - [x] Useful labels that focus on...
## What problem would the enhancement address for VIP? Code that uses a filter instead of an action are being flagged with `WordPressVIPMinimum.Filters.AlwaysReturn.missingReturnStatement` when the correct developer remediation for the...
## What problem would the enhancement address for VIP? When using `bloginfo()`, the caller should not echo the output, as `bloginfo()` does this internally (see [here](https://developer.wordpress.org/reference/functions/bloginfo/#source)). Callers should simply call...
:warning: DO NOT MERGE (YET) :warning: [Remaining work for this Milestone](https://github.com/Automattic/VIP-Coding-Standards/milestone/X) PR for tracking changes for the X.Y.Z release. Target release date: DOW DD MMMM YYYY. - [ ] Scan...
Metadata
Owner
Metadata
PHP_CodeSniffer ruleset to enforce WordPress VIP coding standards.