Denis Žoljom

This example is a tricky one because PHPCS isn't aware of the context. It doesn't parse your code and tracks what you used and where. PHPCS cannot know if the...

You can easily do that either by excluding that sniff in your ruleset ```xml ``` Or ignoring that line with a comment ```php function get_query_args( int $first, int $last, int...

This is odd, I'm not getting that error. I tried adding your code example to the unit test file, and I tried sniffing a test file with `WordPress-Extra` ruleset and...

Should we put in this sniff the check, in the case of multiple arguments used with the spread operator, that the variadic argument is always placed on the last place?...

I wonder if a rule like that could be created in https://github.com/szepeviktor/phpstan-wordpress 🤔

@JJJ just because something was added 15 years ago, doesn't mean it should stay this way forever. I don't think that the argument that various plugins/themes/projects out there having different...

@AndrzejLan You should check out this amazing diagram Rarst made on wpse https://wordpress.stackexchange.com/a/26622/58895 `index.php` in a plugin is not the same as the one in the WordPress core. When the...

> In practice, this only really matters for the EscapeOutput sniff with printf, but in theory, sprintf can actually be used as a sanitisation function as well; sprintf( '%d', $foo...

I found this article https://dev.to/anastasionico/good-practices-how-to-sanitize-validate-and-escape-in-php-3-methods-139b and in there an interesting example: ```php $changePassword = sprintf( 'UPDATE users set password = "%s" WHERE id = "%s"', $_POST['password'], $_GET['id'], ); ``` Now,...

But we'd need to have a specific sniff for that, instead of just adding it to a list of sanitizing functions, no? Or updating an existing one. @jrfnl will know...