Derrick Tennant
Derrick Tennant
## Bug Report - [x] Yes, I reviewed the [contribution guidelines](https://make.wordpress.org/cli/handbook/contributing/). - [x] Yes, more specifically, I reviewed the guidelines on [how to write clear bug reports](https://make.wordpress.org/cli/handbook/bug-reports/). **Describe the current,...
## Expected/Desired Behavior I think it would be nice if we switched the `VIP_Request_Block` class from using `error_log()` to `trigger_error( $message, E_USER_NOTICE )` so that request blocking messages could be...
## Description While we have a maximum size of (compressed) data per individual cache key, right now we have no way of determining what keys might be causing these issues...
Since VIP Init (`vip-init.php`) is only required for sites on WordPress.com VIP, [the language in the error](https://github.com/Automattic/vip-scanner/blob/f222eaec002db050864dd7e0a3b7e7d7ac2eff44/vip-scanner/checks/VIPInitCheck.php#L26) should be more specific to that fact.
As per GitHub Issue #216, there are good reasons to use protocol-relevant URLs. This pull request includes some basic scanning for this: - CSS and JS files - PHP files,...
This should be the beginnings of a solution to GitHub issue #255. I used [this "XSS Filter Evasion Cheat Sheet"](https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet) as a guide when creating the scans and unit tests....
This should be a solution to GitHub issue #265. I made this change so that when searching for XSS vulnerabilities, I wouldn't have to run through two `foreach ( $this->filter_files()...
When working on GitHub issue #255, I have ran into trouble because `filter_files()` only accepts one file type at a time. This would require extra for loops and iterations for...
[Prior to 3.2.0](https://github.com/Automattic/wp-memcached/commit/87679aaf12cdc4a216365b05c87fc00b815fd1b7#diff-d5cd62e673a61432cc3e7d1a41f5df4fce4215713777b0ae579329260b556335L550-L554) we limited the number of ops shown to 500. I believe it would still be good to have a soft limit like this. When debugging sites with...
The primary transport layer out of the box should be WP REST API. This would also include implementing any necessary authentication support for a "push" transport.