Skip to content

Comments

Bump wp-coding-standards/wpcs from 1.0.0 to 2.2.1#3

Closed
dependabot-preview[bot] wants to merge 1 commit intomasterfrom
dependabot/composer/wp-coding-standards/wpcs-2.2.1
Closed

Bump wp-coding-standards/wpcs from 1.0.0 to 2.2.1#3
dependabot-preview[bot] wants to merge 1 commit intomasterfrom
dependabot/composer/wp-coding-standards/wpcs-2.2.1

Conversation

@dependabot-preview
Copy link

@dependabot-preview dependabot-preview bot commented Feb 4, 2020

Bumps wp-coding-standards/wpcs from 1.0.0 to 2.2.1.

Release notes

Sourced from wp-coding-standards/wpcs's releases.

2.2.1

Added

  • Metrics to the WordPress.Arrays.CommaAfterArrayItem sniff. These can be displayed using --report=info.
  • The sanitize_hex_color() and the sanitize_hex_color_no_hash() functions to the escapingFunctions list used by the WordPress.Security.EscapeOutput sniff.

Changed

  • The recommended version of the suggested DealerDirect PHPCS Composer plugin is now ^0.6.

Fixed

  • WordPress.PHP.NoSilencedErrors: depending on the custom properties set, the metrics would be different.
  • WordPress.WhiteSpace.ControlStructureSpacing: fixed undefined index notice for closures with use.
  • WordPress.WP.GlobalVariablesOverride: fixed undefined offset notice when the treat_files_as_scoped property would be set to true.
  • WordPress.WP.I18n: fixed a Trying to access array offset on value of type null error when the sniff was run on PHP 7.4 and would encounter a translation function expecting singular and plural texts for which one of these arguments was missing.

2.2.0

Note: The repository has moved. The new URL is https://github.com/WordPress/WordPress-Coding-Standards. The move does not affect the package name for Packagist. This remains the same: wp-coding-standards/wpcs.

Added

  • New WordPress.DateTime.CurrentTimeTimestamp sniff to the WordPress-Core ruleset, which checks against the use of the WP native current_time() function to retrieve a timestamp as this won't be a real timestamp. Includes an auto-fixer.
  • New WordPress.DateTime.RestrictedFunctions sniff to the WordPress-Core ruleset, which checks for the use of certain date/time related functions. Initially this sniff forbids the use of the PHP native date_default_timezone_set() and date() functions.
  • New WordPress.PHP.DisallowShortTernary sniff to the WordPress-Core ruleset, which, as the name implies, disallows the use of short ternaries.
  • New WordPress.CodeAnalysis.EscapedNotTranslated sniff to the WordPress-Extra ruleset which will warn when a text string is escaped for output, but not being translated, while the arguments passed to the function call give the impression that translation is intended.
  • New WordPress.NamingConventions.ValidPostTypeSlug sniff to the WordPress-Extra ruleset which will examine calls to register_post_type() and throw errors when an invalid post type slug is used.
  • Generic.Arrays.DisallowShortArraySyntax to the WordPress-Core ruleset.
  • WordPress.NamingConventions.PrefixAllGlobals: the PHP prefix has been added to the prefix blacklist as it is reserved by PHP itself.
  • The wp_sanitize_redirect() function to the sanitizingFunctions list used by the WordPress.Security.NonceVerification, WordPress.Security.ValidatedSanitizedInput and WordPress.Security.EscapeOutput sniffs.
  • The sanitize_key() and the highlight_string() functions to the escapingFunctions list used by the WordPress.Security.EscapeOutput sniff.
  • The RECOVERY_MODE_COOKIE constant to the list of WP Core constants which may be defined by plugins and themes and therefore don't need to be prefixed (WordPress.NamingConventions.PrefixAllGlobals).
  • $content_width, $plugin, $mu_plugin and $network_plugin to the list of WP globals which is used by both the WordPress.Variables.GlobalVariables and the WordPress.NamingConventions.PrefixAllGlobals sniffs.
  • Sniff::is_short_list() utility method to determine whether a short array open/close token actually represents a PHP 7.1+ short list.
  • Sniff::find_list_open_close() utility method to find the opener and closer for list() constructs, including short lists.
  • Sniff::get_list_variables() utility method which will retrieve an array with the token pointers to the variables which are being assigned to in a list() construct. Includes support for short lists.
  • Sniff::is_function_deprecated() static utility method to determine whether a declared function has been marked as deprecated in the function DocBlock.
  • End-user documentation to the following existing sniffs: WordPress.Arrays.ArrayIndentation, WordPress.Arrays.ArrayKeySpacingRestrictions, WordPress.Arrays.MultipleStatementAlignment, WordPress.Classes.ClassInstantiation, WordPress.NamingConventions.ValidHookName, WordPress.PHP.IniSet, WordPress.Security.SafeRedirect, WordPress.WhiteSpace.CastStructureSpacing, WordPress.WhiteSpace.DisallowInlineTabs, WordPress.WhiteSpace.PrecisionAlignment, WordPress.WP.CronInterval, WordPress.WP.DeprecatedClasses, WordPress.WP.DeprecatedFunctions, WordPress.WP.DeprecatedParameters, WordPress.WP.DeprecatedParameterValues, WordPress.WP.EnqueuedResources, WordPress.WP.PostsPerPage. This documentation can be exposed via the PHP_CodeSniffer --generator=... command-line argument.

Changed

  • The default value for minimum_supported_wp_version, as used by a number of sniffs detecting usage of deprecated WP features, has been updated to 5.0.
  • The WordPress.Arrays.ArrayKeySpacingRestrictions sniff has two new error codes: TooMuchSpaceBeforeKey and TooMuchSpaceAfterKey. Both auto-fixable. The sniff will now check that there is exactly one space on the inside of the square brackets around the array key for non-string, non-numeric array keys. Previously, it only checked that there was whitespace, not how much whitespace.
  • WordPress.Arrays.ArrayKeySpacingRestrictions: the fixers have been made more efficient and less fixer-conflict prone.
  • WordPress.NamingConventions.PrefixAllGlobals: plugin/theme prefixes should be at least three characters long. A new ShortPrefixPassed error has been added for when the prefix passed does not comply with this rule.
  • WordPress.WhiteSpace.CastStructureSpacing now allows for no whitespace before a cast when the cast is preceded by the spread ... operator. This pre-empts a fixer conflict for when the spacing around the spread operator will start to get checked.
  • The WordPress.WP.DeprecatedClasses sniff will now detect classes deprecated in WP 4.9 and WP 5.3.
  • The WordPress.WP.DeprecatedFunctions sniff will now detect functions deprecated in WP 5.3.
  • WordPress.NamingConventions.ValidHookName now has "cleaner" error messages and higher precision for the line on which an error is thrown.
  • WordPress.Security.EscapeOutput: if an error refers to array access via a variable, the array index key will now be included in the error message.
  • The processing of the WordPress ruleset by PHP_CodeSniffer will now be faster.
  • Various minor code tweaks and clean up.
... (truncated)
Changelog

Sourced from wp-coding-standards/wpcs's changelog.

[2.2.1] - 2020-02-04

Added

  • Metrics to the WordPress.Arrays.CommaAfterArrayItem sniff. These can be displayed using --report=info.
  • The sanitize_hex_color() and the sanitize_hex_color_no_hash() functions to the escapingFunctions list used by the WordPress.Security.EscapeOutput sniff.

Changed

  • The recommended version of the suggested DealerDirect PHPCS Composer plugin is now ^0.6.

Fixed

  • WordPress.PHP.NoSilencedErrors: depending on the custom properties set, the metrics would be different.
  • WordPress.WhiteSpace.ControlStructureSpacing: fixed undefined index notice for closures with use.
  • WordPress.WP.GlobalVariablesOverride: fixed undefined offset notice when the treat_files_as_scoped property would be set to true.
  • WordPress.WP.I18n: fixed a Trying to access array offset on value of type null error when the sniff was run on PHP 7.4 and would encounter a translation function expecting singular and plural texts for which one of these arguments was missing.

[2.2.0] - 2019-11-11

Note: The repository has moved. The new URL is https://github.com/WordPress/WordPress-Coding-Standards. The move does not affect the package name for Packagist. This remains the same: wp-coding-standards/wpcs.

Added

  • New WordPress.DateTime.CurrentTimeTimestamp sniff to the WordPress-Core ruleset, which checks against the use of the WP native current_time() function to retrieve a timestamp as this won't be a real timestamp. Includes an auto-fixer.
  • New WordPress.DateTime.RestrictedFunctions sniff to the WordPress-Core ruleset, which checks for the use of certain date/time related functions. Initially this sniff forbids the use of the PHP native date_default_timezone_set() and date() functions.
  • New WordPress.PHP.DisallowShortTernary sniff to the WordPress-Core ruleset, which, as the name implies, disallows the use of short ternaries.
  • New WordPress.CodeAnalysis.EscapedNotTranslated sniff to the WordPress-Extra ruleset which will warn when a text string is escaped for output, but not being translated, while the arguments passed to the function call give the impression that translation is intended.
  • New WordPress.NamingConventions.ValidPostTypeSlug sniff to the WordPress-Extra ruleset which will examine calls to register_post_type() and throw errors when an invalid post type slug is used.
  • Generic.Arrays.DisallowShortArraySyntax to the WordPress-Core ruleset.
  • WordPress.NamingConventions.PrefixAllGlobals: the PHP prefix has been added to the prefix blacklist as it is reserved by PHP itself.
  • The wp_sanitize_redirect() function to the sanitizingFunctions list used by the WordPress.Security.NonceVerification, WordPress.Security.ValidatedSanitizedInput and WordPress.Security.EscapeOutput sniffs.
  • The sanitize_key() and the highlight_string() functions to the escapingFunctions list used by the WordPress.Security.EscapeOutput sniff.
  • The RECOVERY_MODE_COOKIE constant to the list of WP Core constants which may be defined by plugins and themes and therefore don't need to be prefixed (WordPress.NamingConventions.PrefixAllGlobals).
  • $content_width, $plugin, $mu_plugin and $network_plugin to the list of WP globals which is used by both the WordPress.Variables.GlobalVariables and the WordPress.NamingConventions.PrefixAllGlobals sniffs.
  • Sniff::is_short_list() utility method to determine whether a short array open/close token actually represents a PHP 7.1+ short list.
  • Sniff::find_list_open_close() utility method to find the opener and closer for list() constructs, including short lists.
  • Sniff::get_list_variables() utility method which will retrieve an array with the token pointers to the variables which are being assigned to in a list() construct. Includes support for short lists.
  • Sniff::is_function_deprecated() static utility method to determine whether a declared function has been marked as deprecated in the function DocBlock.
  • End-user documentation to the following existing sniffs: WordPress.Arrays.ArrayIndentation, WordPress.Arrays.ArrayKeySpacingRestrictions, WordPress.Arrays.MultipleStatementAlignment, WordPress.Classes.ClassInstantiation, WordPress.NamingConventions.ValidHookName, WordPress.PHP.IniSet, WordPress.Security.SafeRedirect, WordPress.WhiteSpace.CastStructureSpacing, WordPress.WhiteSpace.DisallowInlineTabs, WordPress.WhiteSpace.PrecisionAlignment, WordPress.WP.CronInterval, WordPress.WP.DeprecatedClasses, WordPress.WP.DeprecatedFunctions, WordPress.WP.DeprecatedParameters, WordPress.WP.DeprecatedParameterValues, WordPress.WP.EnqueuedResources, WordPress.WP.PostsPerPage. This documentation can be exposed via the PHP_CodeSniffer --generator=... command-line argument.

Changed

  • The default value for minimum_supported_wp_version, as used by a number of sniffs detecting usage of deprecated WP features, has been updated to 5.0.
  • The WordPress.Arrays.ArrayKeySpacingRestrictions sniff has two new error codes: TooMuchSpaceBeforeKey and TooMuchSpaceAfterKey. Both auto-fixable. The sniff will now check that there is exactly one space on the inside of the square brackets around the array key for non-string, non-numeric array keys. Previously, it only checked that there was whitespace, not how much whitespace.
  • WordPress.Arrays.ArrayKeySpacingRestrictions: the fixers have been made more efficient and less fixer-conflict prone.
  • WordPress.NamingConventions.PrefixAllGlobals: plugin/theme prefixes should be at least three characters long. A new ShortPrefixPassed error has been added for when the prefix passed does not comply with this rule.
  • WordPress.WhiteSpace.CastStructureSpacing now allows for no whitespace before a cast when the cast is preceded by the spread ... operator. This pre-empts a fixer conflict for when the spacing around the spread operator will start to get checked.
  • The WordPress.WP.DeprecatedClasses sniff will now detect classes deprecated in WP 4.9 and WP 5.3.
  • The WordPress.WP.DeprecatedFunctions sniff will now detect functions deprecated in WP 5.3.
  • WordPress.NamingConventions.ValidHookName now has "cleaner" error messages and higher precision for the line on which an error is thrown.
  • WordPress.Security.EscapeOutput: if an error refers to array access via a variable, the array index key will now be included in the error message.
... (truncated)
Commits
  • b5a4532 Merge pull request #1855 from WordPress/develop
  • 9822816 Merge pull request #1854 from WordPress/feature/changelog-2.2.1
  • 473590f Changelog for WPCS 2.2.1
  • 1761834 I18n: bug fix - trying to access array offset on null (PHP 7.4) (#1858)
  • 50f5701 Merge pull request #1852 from paulschreiber/fix/hex-color
  • 6829bee remove maybe_hash_hex_color
  • be9f57d I18n: bug fix - trying to access array offset on null (PHP 7.4)
  • 87c6153 Merge pull request #1853 from jrfnl/feature/composer-update-dependency-sugges...
  • 63dc643 Update suggested version of Composer PHPCS plugin
  • 511c5ea Add sanitize_hex_color, sanitize_hex_color_no_hash and maybe_hash_hex_color t...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

@dependabot-preview dependabot-preview bot added the dependencies Pull requests that update a dependency file label Feb 4, 2020
@dependabot-preview dependabot-preview bot mentioned this pull request Feb 4, 2020
Closed
@dependabot-preview
Copy link
Author

dependabot-preview bot commented May 14, 2020

Superseded by #4.

@dependabot-preview dependabot-preview bot deleted the dependabot/composer/wp-coding-standards/wpcs-2.2.1 branch May 14, 2020 21:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants