lipemat / wp-phpcs
PHP Codesniffer for a WordPress plugin
Fund package maintenance!
lipemat
Installs: 16 067
Dependents: 0
Suggesters: 0
Security: 0
Stars: 5
Watchers: 3
Forks: 3
Open Issues: 0
Type:phpcodesniffer-standard
Requires
- php: >=7.4.0
- automattic/vipwpcs: ^3.0.1
- dealerdirect/phpcodesniffer-composer-installer: ^0.7.1
- phpcompatibility/phpcompatibility-wp: ^2.1.2
- phpcsstandards/phpcsextra: ^1.0.2
- sirbrillig/phpcs-variable-analysis: ^v2.11.17
- squizlabs/php_codesniffer: ^3.6.1
- wp-coding-standards/wpcs: ^3.0.0
Requires (Dev)
- ext-json: *
- johnbillion/args: ^1
- lipemat/wordpress-libs: ^4
- phpcompatibility/php-compatibility: dev-develop as 9.4.0
- roave/security-advisories: dev-latest
- dev-master
- 4.4.0
- 4.3.2
- 4.3.1
- 4.3.0
- 4.2.0
- 4.1.4
- 4.1.3
- 4.1.2
- 4.1.1
- 4.1.0
- 4.0.0
- 3.2.0
- 3.1.4
- 3.1.3
- 3.1.2
- 3.1.1
- 3.1.0
- 3.0.2
- 3.0.1
- 3.0.0
- 3.0.0-beta.1
- 2.8.0
- 2.7.0
- 2.7.0-beta.1
- 2.6.5
- 2.6.4
- 2.6.3
- 2.6.2
- 2.6.1
- 2.6.0
- 2.5.0
- 2.4.0
- 2.3.0
- 2.2.1
- v2.2.0
- 2.1.0
- 2.0.1
- 2.0.0
- 1.4.0
- 1.3.1
- 1.3.0
- 1.2.0
- 1.1.1
- 1.1.0
- 1.0.0
- dev-develop
- dev-patch-1
This package is auto-updated.
Last update: 2024-12-02 16:58:27 UTC
README
PHP Codesniffer setup for a WordPress plugin.
Installation
Use composer to install. Although this may be added directly to your plugins composer.json, it is recommended to install somewhere globally to reuse across projects.
If not using as a global library, your local composer.json
will need to include the following config.
{ "config": { "allow-plugins": { "dealerdirect/phpcodesniffer-composer-installer": true } } }
Install via composer
composer require lipemat/wp-phpcs
Copy the phpcs-sample.xml
file to the root of your plugin and rename to phpcs.xml
. Adjust the configuration as desired.
Running
The vendor/bin folder includes the scripts to run on either Windows or Unix. You may either add that directory to your PATH or call it verbosely like so:
{project dir}/vendor/bin/phpcs ./
OR
{project dir}/vendor/bin/phpcbf ./
You may also create your own script somewhere on your PATH. Here is an example phpcs.bat for Windows. This assumes you created a folder named wp-phpcs in your root and ran composer require there.
@echo off
C:\wp-phpcs\vendor\bin\phpcs %*
Automating
Once you have scripts added to your path for phpcs and phpcbf, you can use the included git-hooks/pre-commit
to run PHP lint and PHPCS automatically before making any commit.
Copy the pre-commit file to your plugin's .git/hooks directory, and the rest is automatic.
Included Sniffs
Lipe Sniffs
This package ships with some optional Lipe
namespaced sniffs.
<rule ref="Lipe" />
for all our default configurations and sniffs.- @note This configuration is opinionated, you probably just want to include desired sniff namespaces.
<rule ref="Lipe.JS" />
for our JavaScript security sniffs, which support dompurify.<rule ref="Lipe.DB.CalcFoundRows" />
for detecting the deprecated uses of MySQLSQL_CALC_FOUND_ROWS
.<rule ref="Lipe.PHP.DisallowNullCoalesceInCondition" />
for detecting using??
in conditions.<rule ref="Lipe.PHP.DisallowNullCoalesceInForLoops" />
for detecting using??
in for loops.<rule ref="Lipe.Performance.SlowMetaQuery" />
for detecting slow meta queries.- Like
WordPress.DB.SlowDBQuery.slow_db_query_meta_query
but supports usingEXISTS
andNOT_EXISTS
meta queries.
- Like
<rule ref="Lipe.Performance.SlowOrderBy" />
for detecting slowORDER BY
clauses in WP_Query.<rule ref="Lipe.Performance.PostNotIn" />
for detecting uses ofpost__not_in
clauses in WP_Query.<rule ref="Lipe.Performance.SuppressFilters" />
for detecting missing uses ofsuppress_filters
clauses in get_posts.
LipePlugin Sniffs
This package ships with some optional LipePlugin
namespaced sniffs designed to be used with a distributed plugin or library.
<rule ref="LipePlugin" />
for all the default configurations and sniffs.- @note This configuration is opinionated, you probably just want to include desired sniff namespaces.
<rule ref="Lipe.CodeAnalysis.SelfInClassSniff" />
force usingstatic
instead ofself
to improve extensibility.- 'ReturnType' - return type of methods.
- 'InstanceOf' - self instance for static calls.
- 'NewInstance' - Constructing via
new self()
. - 'ScopeResolution' - Local constants via
self::
.
<rule ref="LipePlugin.TypeHints.PrivateInClass" />
for distributed packages, which should not useprivate
to improve extensibility.<rule ref="LipePlugin.TypeHints.PreventStrictTypes" />
for distributed packages, which should not usestrict_type
to improve compatibility.
Other Notes
The phpcs-sample.xml
has many things excluded. This is because some things don't really fit in with WordPress standards. You can remove any of <exclude>
items to make more strict. Remove them all if you really want to make your code strict.