Skip to content

Bump wp-coding-standards/wpcs from 1.0.0 to 2.2.0#2

Closed
dependabot-preview[bot] wants to merge 1 commit intomasterfrom
dependabot/composer/wp-coding-standards/wpcs-2.2.0
Closed

Bump wp-coding-standards/wpcs from 1.0.0 to 2.2.0#2
dependabot-preview[bot] wants to merge 1 commit intomasterfrom
dependabot/composer/wp-coding-standards/wpcs-2.2.0

Conversation

@dependabot-preview
Copy link

Bumps wp-coding-standards/wpcs from 1.0.0 to 2.2.0.

Release notes

Sourced from wp-coding-standards/wpcs's releases.

2.2.0

Note: The repository has moved. The new URL is https://github.com/WordPress/WordPress-Coding-Standards.
The move does not affect the package name for Packagist. This remains the same: wp-coding-standards/wpcs.

Added

  • New WordPress.DateTime.CurrentTimeTimestamp sniff to the WordPress-Core ruleset, which checks against the use of the WP native current_time() function to retrieve a timestamp as this won't be a real timestamp. Includes an auto-fixer.
  • New WordPress.DateTime.RestrictedFunctions sniff to the WordPress-Core ruleset, which checks for the use of certain date/time related functions. Initially this sniff forbids the use of the PHP native date_default_timezone_set() and date() functions.
  • New WordPress.PHP.DisallowShortTernary sniff to the WordPress-Core ruleset, which, as the name implies, disallows the use of short ternaries.
  • New WordPress.CodeAnalysis.EscapedNotTranslated sniff to the WordPress-Extra ruleset which will warn when a text string is escaped for output, but not being translated, while the arguments passed to the function call give the impression that translation is intended.
  • New WordPress.NamingConventions.ValidPostTypeSlug sniff to the WordPress-Extra ruleset which will examine calls to register_post_type() and throw errors when an invalid post type slug is used.
  • Generic.Arrays.DisallowShortArraySyntax to the WordPress-Core ruleset.
  • WordPress.NamingConventions.PrefixAllGlobals: the PHP prefix has been added to the prefix blacklist as it is reserved by PHP itself.
  • The wp_sanitize_redirect() function to the sanitizingFunctions list used by the WordPress.Security.NonceVerification, WordPress.Security.ValidatedSanitizedInput and WordPress.Security.EscapeOutput sniffs.
  • The sanitize_key() and the highlight_string() functions to the escapingFunctions list used by the WordPress.Security.EscapeOutput sniff.
  • The RECOVERY_MODE_COOKIE constant to the list of WP Core constants which may be defined by plugins and themes and therefore don't need to be prefixed (WordPress.NamingConventions.PrefixAllGlobals).
  • $content_width, $plugin, $mu_plugin and $network_plugin to the list of WP globals which is used by both the WordPress.Variables.GlobalVariables and the WordPress.NamingConventions.PrefixAllGlobals sniffs.
  • Sniff::is_short_list() utility method to determine whether a short array open/close token actually represents a PHP 7.1+ short list.
  • Sniff::find_list_open_close() utility method to find the opener and closer for list() constructs, including short lists.
  • Sniff::get_list_variables() utility method which will retrieve an array with the token pointers to the variables which are being assigned to in a list() construct. Includes support for short lists.
  • Sniff::is_function_deprecated() static utility method to determine whether a declared function has been marked as deprecated in the function DocBlock.
  • End-user documentation to the following existing sniffs: WordPress.Arrays.ArrayIndentation, WordPress.Arrays.ArrayKeySpacingRestrictions, WordPress.Arrays.MultipleStatementAlignment, WordPress.Classes.ClassInstantiation, WordPress.NamingConventions.ValidHookName, WordPress.PHP.IniSet, WordPress.Security.SafeRedirect, WordPress.WhiteSpace.CastStructureSpacing, WordPress.WhiteSpace.DisallowInlineTabs, WordPress.WhiteSpace.PrecisionAlignment, WordPress.WP.CronInterval, WordPress.WP.DeprecatedClasses, WordPress.WP.DeprecatedFunctions, WordPress.WP.DeprecatedParameters, WordPress.WP.DeprecatedParameterValues, WordPress.WP.EnqueuedResources, WordPress.WP.PostsPerPage.
    This documentation can be exposed via the PHP_CodeSniffer --generator=... command-line argument.

Changed

  • The default value for minimum_supported_wp_version, as used by a number of sniffs detecting usage of deprecated WP features, has been updated to 5.0.
  • The WordPress.Arrays.ArrayKeySpacingRestrictions sniff has two new error codes: TooMuchSpaceBeforeKey and TooMuchSpaceAfterKey. Both auto-fixable.
    The sniff will now check that there is exactly one space on the inside of the square brackets around the array key for non-string, non-numeric array keys. Previously, it only checked that there was whitespace, not how much whitespace.
  • WordPress.Arrays.ArrayKeySpacingRestrictions: the fixers have been made more efficient and less fixer-conflict prone.
  • WordPress.NamingConventions.PrefixAllGlobals: plugin/theme prefixes should be at least three characters long. A new ShortPrefixPassed error has been added for when the prefix passed does not comply with this rule.
  • WordPress.WhiteSpace.CastStructureSpacing now allows for no whitespace before a cast when the cast is preceded by the spread ... operator. This pre-empts a fixer conflict for when the spacing around the spread operator will start to get checked.
  • The WordPress.WP.DeprecatedClasses sniff will now detect classes deprecated in WP 4.9 and WP 5.3.
  • The WordPress.WP.DeprecatedFunctions sniff will now detect functions deprecated in WP 5.3.
  • WordPress.NamingConventions.ValidHookName now has "cleaner" error messages and higher precision for the line on which an error is thrown.
  • WordPress.Security.EscapeOutput: if an error refers to array access via a variable, the array index key will now be included in the error message.
  • The processing of the WordPress ruleset by PHP_CodeSniffer will now be faster.
  • Various minor code tweaks and clean up.
  • Various minor documentation fixes.
  • Documentation: updated the repo URL in all relevant places.

Deprecated

  • The WordPress.WP.TimezoneChange sniff. Use the WordPress.DateTime.RestrictedFunctions instead.
    The deprecated sniff will be removed in WPCS 3.0.0.

Fixed

  • All sniffs in the WordPress.Arrays category will no longer treat short lists as if they were a short array.
  • The WordPress.NamingConventions.ValidFunctionName and the WordPress.NamingConventions.PrefixAllGlobals sniff will now ignore functions marked as @deprecated.
  • Both the WordPress.NamingConventions.PrefixAllGlobals sniff as well as the WordPress.WP.GlobalVariablesOverride sniff have been updated to recognize variables being declared via (long/short) list() constructs and handle them correctly.
  • Both the WordPress.NamingConventions.PrefixAllGlobals sniff as well as the WordPress.WP.GlobalVariablesOverride sniff will now take a limited list of WP global variables which are intended to be overwritten by plugins/themes into account.
    Initially this list contains the $content_width and the $wp_cockneyreplace variables.
  • WordPress.NamingConventions.ValidHookName: will no longer examine a string array access index key as if it were a part of the hook name.
... (truncated)
Changelog

Sourced from wp-coding-standards/wpcs's changelog.

[2.2.0] - 2019-11-11

Note: The repository has moved. The new URL is https://github.com/WordPress/WordPress-Coding-Standards.
The move does not affect the package name for Packagist. This remains the same: wp-coding-standards/wpcs.

Added

  • New WordPress.DateTime.CurrentTimeTimestamp sniff to the WordPress-Core ruleset, which checks against the use of the WP native current_time() function to retrieve a timestamp as this won't be a real timestamp. Includes an auto-fixer.
  • New WordPress.DateTime.RestrictedFunctions sniff to the WordPress-Core ruleset, which checks for the use of certain date/time related functions. Initially this sniff forbids the use of the PHP native date_default_timezone_set() and date() functions.
  • New WordPress.PHP.DisallowShortTernary sniff to the WordPress-Core ruleset, which, as the name implies, disallows the use of short ternaries.
  • New WordPress.CodeAnalysis.EscapedNotTranslated sniff to the WordPress-Extra ruleset which will warn when a text string is escaped for output, but not being translated, while the arguments passed to the function call give the impression that translation is intended.
  • New WordPress.NamingConventions.ValidPostTypeSlug sniff to the WordPress-Extra ruleset which will examine calls to register_post_type() and throw errors when an invalid post type slug is used.
  • Generic.Arrays.DisallowShortArraySyntax to the WordPress-Core ruleset.
  • WordPress.NamingConventions.PrefixAllGlobals: the PHP prefix has been added to the prefix blacklist as it is reserved by PHP itself.
  • The wp_sanitize_redirect() function to the sanitizingFunctions list used by the WordPress.Security.NonceVerification, WordPress.Security.ValidatedSanitizedInput and WordPress.Security.EscapeOutput sniffs.
  • The sanitize_key() and the highlight_string() functions to the escapingFunctions list used by the WordPress.Security.EscapeOutput sniff.
  • The RECOVERY_MODE_COOKIE constant to the list of WP Core constants which may be defined by plugins and themes and therefore don't need to be prefixed (WordPress.NamingConventions.PrefixAllGlobals).
  • $content_width, $plugin, $mu_plugin and $network_plugin to the list of WP globals which is used by both the WordPress.Variables.GlobalVariables and the WordPress.NamingConventions.PrefixAllGlobals sniffs.
  • Sniff::is_short_list() utility method to determine whether a short array open/close token actually represents a PHP 7.1+ short list.
  • Sniff::find_list_open_close() utility method to find the opener and closer for list() constructs, including short lists.
  • Sniff::get_list_variables() utility method which will retrieve an array with the token pointers to the variables which are being assigned to in a list() construct. Includes support for short lists.
  • Sniff::is_function_deprecated() static utility method to determine whether a declared function has been marked as deprecated in the function DocBlock.
  • End-user documentation to the following existing sniffs: WordPress.Arrays.ArrayIndentation, WordPress.Arrays.ArrayKeySpacingRestrictions, WordPress.Arrays.MultipleStatementAlignment, WordPress.Classes.ClassInstantiation, WordPress.NamingConventions.ValidHookName, WordPress.PHP.IniSet, WordPress.Security.SafeRedirect, WordPress.WhiteSpace.CastStructureSpacing, WordPress.WhiteSpace.DisallowInlineTabs, WordPress.WhiteSpace.PrecisionAlignment, WordPress.WP.CronInterval, WordPress.WP.DeprecatedClasses, WordPress.WP.DeprecatedFunctions, WordPress.WP.DeprecatedParameters, WordPress.WP.DeprecatedParameterValues, WordPress.WP.EnqueuedResources, WordPress.WP.PostsPerPage.
    This documentation can be exposed via the PHP_CodeSniffer --generator=... command-line argument.

Changed

  • The default value for minimum_supported_wp_version, as used by a number of sniffs detecting usage of deprecated WP features, has been updated to 5.0.
  • The WordPress.Arrays.ArrayKeySpacingRestrictions sniff has two new error codes: TooMuchSpaceBeforeKey and TooMuchSpaceAfterKey. Both auto-fixable.
    The sniff will now check that there is exactly one space on the inside of the square brackets around the array key for non-string, non-numeric array keys. Previously, it only checked that there was whitespace, not how much whitespace.
  • WordPress.Arrays.ArrayKeySpacingRestrictions: the fixers have been made more efficient and less fixer-conflict prone.
  • WordPress.NamingConventions.PrefixAllGlobals: plugin/theme prefixes should be at least three characters long. A new ShortPrefixPassed error has been added for when the prefix passed does not comply with this rule.
  • WordPress.WhiteSpace.CastStructureSpacing now allows for no whitespace before a cast when the cast is preceded by the spread ... operator. This pre-empts a fixer conflict for when the spacing around the spread operator will start to get checked.
  • The WordPress.WP.DeprecatedClasses sniff will now detect classes deprecated in WP 4.9 and WP 5.3.
  • The WordPress.WP.DeprecatedFunctions sniff will now detect functions deprecated in WP 5.3.
  • WordPress.NamingConventions.ValidHookName now has "cleaner" error messages and higher precision for the line on which an error is thrown.
  • WordPress.Security.EscapeOutput: if an error refers to array access via a variable, the array index key will now be included in the error message.
  • The processing of the WordPress ruleset by PHP_CodeSniffer will now be faster.
  • Various minor code tweaks and clean up.
  • Various minor documentation fixes.
  • Documentation: updated the repo URL in all relevant places.

Deprecated

  • The WordPress.WP.TimezoneChange sniff. Use the WordPress.DateTime.RestrictedFunctions instead.
    The deprecated sniff will be removed in WPCS 3.0.0.

Fixed

  • All sniffs in the WordPress.Arrays category will no longer treat short lists as if they were a short array.
  • The WordPress.NamingConventions.ValidFunctionName and the WordPress.NamingConventions.PrefixAllGlobals sniff will now ignore functions marked as @deprecated.
  • Both the WordPress.NamingConventions.PrefixAllGlobals sniff as well as the WordPress.WP.GlobalVariablesOverride sniff have been updated to recognize variables being declared via (long/short) list() constructs and handle them correctly.
  • Both the WordPress.NamingConventions.PrefixAllGlobals sniff as well as the WordPress.WP.GlobalVariablesOverride sniff will now take a limited list of WP global variables which are intended to be overwritten by plugins/themes into account.
    Initially this list contains the $content_width and the $wp_cockneyreplace variables.
... (truncated)
Commits
  • f90e869 Merge pull request #1828 from WordPress/develop
  • d45f5e5 Merge pull request #1833 from WordPress/feature/changelog-2.2.0
  • e004a3e Changelog for WPCS 2.2.0
  • 84033ee Adds WP.Security.SafeRedirect documentation. (#1826)
  • e105835 Merge pull request #1824 from NielsdeBlaauw/1722-WordPress.WP.EnqueuedResources
  • 31b8d9b Various minor documentation fixes (#1831)
  • 9bd5f9c Adds documentation for WordPress.WP.EnqueuedResources.
  • a2a32d1 Various minor documentation fixes
  • e7560d1 Ini_set: add documentation (#1730)
  • ed52f7d Merge pull request #1732 from WordPress/docs/posts-per-page
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

@dependabot-preview dependabot-preview bot added the dependencies Pull requests that update a dependency file label Nov 11, 2019
@dependabot-preview
Copy link
Author

Superseded by #3.

@dependabot-preview dependabot-preview bot deleted the dependabot/composer/wp-coding-standards/wpcs-2.2.0 branch February 4, 2020 21:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants