192 lines
8.4 KiB
XML
192 lines
8.4 KiB
XML
<?xml version="1.0"?>
|
|
<ruleset xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="WordPress Extra" xsi:noNamespaceSchemaLocation="https://raw.githubusercontent.com/squizlabs/PHP_CodeSniffer/master/phpcs.xsd">
|
|
|
|
<description>Best practices beyond core WordPress Coding Standards</description>
|
|
|
|
<rule ref="WordPress-Core"/>
|
|
|
|
<!-- Silence the "no nested dirnames, use $levels" notice, which is included in Core,
|
|
as plugin/themes may still support PHP < 7.0. -->
|
|
<rule ref="Modernize.FunctionCalls.Dirname.Nested">
|
|
<severity>0</severity>
|
|
</rule>
|
|
|
|
<!-- Generic PHP best practices.
|
|
https://github.com/WordPress/WordPress-Coding-Standards/pull/382 -->
|
|
<rule ref="Generic.PHP.DeprecatedFunctions"/>
|
|
<rule ref="Generic.PHP.ForbiddenFunctions"/>
|
|
<rule ref="Generic.Functions.CallTimePassByReference"/>
|
|
<rule ref="Generic.CodeAnalysis.EmptyStatement"/>
|
|
<rule ref="Generic.CodeAnalysis.ForLoopShouldBeWhileLoop"/>
|
|
<rule ref="Generic.CodeAnalysis.ForLoopWithTestFunctionCall"/>
|
|
<rule ref="Generic.CodeAnalysis.JumbledIncrementer"/>
|
|
<rule ref="Generic.CodeAnalysis.UnconditionalIfStatement"/>
|
|
<rule ref="Generic.CodeAnalysis.UnnecessaryFinalModifier"/>
|
|
<rule ref="Generic.CodeAnalysis.UselessOverridingMethod"/>
|
|
<rule ref="Generic.Classes.DuplicateClassName"/>
|
|
<rule ref="Generic.Strings.UnnecessaryStringConcat">
|
|
<properties>
|
|
<property name="allowMultiline" value="true"/>
|
|
</properties>
|
|
</rule>
|
|
|
|
<!-- More generic PHP best practices.
|
|
https://github.com/WordPress/WordPress-Coding-Standards/issues/607 -->
|
|
<rule ref="Squiz.PHP.NonExecutableCode"/>
|
|
<rule ref="Squiz.Operators.IncrementDecrementUsage"/>
|
|
<rule ref="Squiz.Operators.ValidLogicalOperators"/>
|
|
<rule ref="Squiz.Functions.FunctionDuplicateArgument"/>
|
|
|
|
<!-- And even more generic PHP best practices.
|
|
https://github.com/WordPress/WordPress-Coding-Standards/pull/809 -->
|
|
<rule ref="Squiz.PHP.DisallowSizeFunctionsInLoops"/>
|
|
|
|
<!-- Check that functions use all parameters passed.
|
|
https://github.com/WordPress-Coding-Standards/WordPress-Coding-Standards/pull/xxx -->
|
|
<rule ref="Generic.CodeAnalysis.UnusedFunctionParameter">
|
|
<!-- Allow for callback functions which may not need all parameters passed. -->
|
|
<exclude name="Generic.CodeAnalysis.UnusedFunctionParameter.FoundBeforeLastUsed"/>
|
|
<!-- Allow for functions in extended classes/implemented interfaces. -->
|
|
<exclude name="Generic.CodeAnalysis.UnusedFunctionParameter.FoundInExtendedClass"/>
|
|
<exclude name="Generic.CodeAnalysis.UnusedFunctionParameter.FoundInExtendedClassBeforeLastUsed"/>
|
|
<exclude name="Generic.CodeAnalysis.UnusedFunctionParameter.FoundInExtendedClassAfterLastUsed"/>
|
|
<exclude name="Generic.CodeAnalysis.UnusedFunctionParameter.FoundInImplementedInterface"/>
|
|
<exclude name="Generic.CodeAnalysis.UnusedFunctionParameter.FoundInImplementedInterfaceBeforeLastUsed"/>
|
|
<exclude name="Generic.CodeAnalysis.UnusedFunctionParameter.FoundInImplementedInterfaceAfterLastUsed"/>
|
|
</rule>
|
|
|
|
<!-- Do not allow leading underscores in property or method names. Visibility should be used instead.
|
|
https://github.com/WordPress/WordPress-Coding-Standards/issues/1101 -->
|
|
<rule ref="PSR2.Classes.PropertyDeclaration.Underscore">
|
|
<severity>5</severity>
|
|
</rule>
|
|
<rule ref="PSR2.Methods.MethodDeclaration.Underscore">
|
|
<severity>5</severity>
|
|
</rule>
|
|
|
|
<!-- Warn against using fully-qualified class names instead of the self keyword. -->
|
|
<rule ref="Squiz.Classes.SelfMemberReference.NotUsed">
|
|
<!-- Restore default severity of 5 which WordPress-Core sets to 0. -->
|
|
<severity>5</severity>
|
|
</rule>
|
|
|
|
<rule ref="WordPress.Security.EscapeOutput"/>
|
|
|
|
<!-- Encourage use of wp_safe_redirect() to avoid open redirect vulnerabilities.
|
|
https://github.com/WordPress/WordPress-Coding-Standards/pull/1264 -->
|
|
<rule ref="WordPress.Security.SafeRedirect"/>
|
|
|
|
<!-- Verify that a nonce check is done before using values in superglobals.
|
|
https://github.com/WordPress/WordPress-Coding-Standards/issues/73 -->
|
|
<rule ref="WordPress.Security.NonceVerification"/>
|
|
|
|
<rule ref="WordPress.PHP.DevelopmentFunctions"/>
|
|
<rule ref="WordPress.PHP.DiscouragedPHPFunctions"/>
|
|
<rule ref="WordPress.WP.DeprecatedFunctions"/>
|
|
<rule ref="WordPress.WP.DeprecatedClasses"/>
|
|
<rule ref="WordPress.WP.DeprecatedParameters"/>
|
|
<rule ref="WordPress.WP.DeprecatedParameterValues"/>
|
|
<rule ref="WordPress.WP.AlternativeFunctions"/>
|
|
<rule ref="WordPress.WP.DiscouragedConstants"/>
|
|
<rule ref="WordPress.WP.DiscouragedFunctions"/>
|
|
|
|
<!-- Verify that capabilities are being used correctly. -->
|
|
<rule ref="WordPress.WP.Capabilities"/>
|
|
|
|
<!-- Scripts & style should be enqueued.
|
|
https://github.com/WordPress/WordPress-Coding-Standards/issues/35 -->
|
|
<rule ref="WordPress.WP.EnqueuedResources"/>
|
|
|
|
<!-- Warn against overriding WP global variables.
|
|
https://github.com/WordPress/WordPress-Coding-Standards/issues/26 -->
|
|
<rule ref="WordPress.WP.GlobalVariablesOverride"/>
|
|
|
|
<!-- Detect incorrect or risky use of the `ini_set()` function.
|
|
https://github.com/WordPress/WordPress-Coding-Standards/issues/1447 -->
|
|
<rule ref="WordPress.PHP.IniSet"/>
|
|
|
|
<!-- Check enqueue and register styles and scripts to have version and in_footer parameters explicitly set.
|
|
https://github.com/WordPress/WordPress-Coding-Standards/issues/1146 -->
|
|
<rule ref="WordPress.WP.EnqueuedResourceParameters"/>
|
|
|
|
|
|
<!-- Check for PHP Parse errors.
|
|
https://github.com/WordPress/WordPress-Coding-Standards/issues/522 -->
|
|
<rule ref="Generic.PHP.Syntax"/>
|
|
|
|
<!-- Make the translators comment check which is included in core stricter. -->
|
|
<rule ref="WordPress.WP.I18n.MissingTranslatorsComment">
|
|
<type>error</type>
|
|
</rule>
|
|
<rule ref="WordPress.WP.I18n.TranslatorsCommentWrongStyle">
|
|
<type>error</type>
|
|
</rule>
|
|
|
|
<!-- Verify that everything in the global namespace is prefixed. -->
|
|
<rule ref="WordPress.NamingConventions.PrefixAllGlobals"/>
|
|
|
|
<!-- Validates post type slugs for valid characters, length and reserved keywords. -->
|
|
<rule ref="WordPress.NamingConventions.ValidPostTypeSlug"/>
|
|
|
|
<!-- https://github.com/WordPress/WordPress-Coding-Standards/issues/1157 -->
|
|
<rule ref="WordPress.Security.PluginMenuSlug"/>
|
|
<rule ref="WordPress.WP.CronInterval"/>
|
|
<rule ref="WordPress.WP.PostsPerPage"/>
|
|
|
|
<!-- Verify some regex best practices.
|
|
https://github.com/WordPress/WordPress-Coding-Standards/issues/1371 -->
|
|
<rule ref="WordPress.PHP.PregQuoteDelimiter"/>
|
|
|
|
<!-- The Core ruleset respects the PHP allowed functions list. For `Extra` the sniff is stricter.
|
|
https://github.com/WordPress/WordPress-Coding-Standards/pull/1450 -->
|
|
<rule ref="WordPress.PHP.NoSilencedErrors">
|
|
<properties>
|
|
<property name="usePHPFunctionsList" value="false"/>
|
|
</properties>
|
|
</rule>
|
|
|
|
<!-- Commented out code should not be committed.
|
|
https://github.com/WordPress/WordPress-Coding-Standards/pull/1463 -->
|
|
<rule ref="Squiz.PHP.CommentedOutCode">
|
|
<properties>
|
|
<property name="maxPercentage" value="40"/>
|
|
</properties>
|
|
</rule>
|
|
|
|
<!-- Prevent some typical mistakes people make accidentally.
|
|
https://github.com/WordPress/WordPress-Coding-Standards/pull/1777 -->
|
|
<rule ref="WordPress.CodeAnalysis.EscapedNotTranslated"/>
|
|
|
|
<!-- Detects duplicate array keys in array declarations. -->
|
|
<rule ref="Universal.Arrays.DuplicateArrayKey"/>
|
|
|
|
<!-- Disallows return type declarations on constructor/destructor methods,
|
|
and constructor/destructor methods returning a value. -->
|
|
<rule ref="Universal.CodeAnalysis.ConstructorDestructorReturn"/>
|
|
|
|
<!-- Detects foreach control structures using the same variable for both key and value. -->
|
|
<rule ref="Universal.CodeAnalysis.ForeachUniqueAssignment"/>
|
|
|
|
<!-- Detects using static instead of self in object-oriented constructs which are final. -->
|
|
<rule ref="Universal.CodeAnalysis.StaticInFinalClass"/>
|
|
|
|
<!-- Disallow if statements, if they are the only statement in an else block. -->
|
|
<rule ref="Universal.ControlStructures.DisallowLonelyIf"/>
|
|
|
|
<!-- Enforce for a file to either declare (global/namespaced) functions
|
|
or declare object-oriented structures, but not both. -->
|
|
<rule ref="Universal.Files.SeparateFunctionsFromOO"/>
|
|
|
|
<!-- Detect useless "echo sprintf(...)". -->
|
|
<rule ref="Universal.CodeAnalysis.NoEchoSprintf"/>
|
|
|
|
<!--
|
|
#############################################################################
|
|
Code style sniffs for more recent PHP features and syntaxes.
|
|
#############################################################################
|
|
-->
|
|
|
|
<!-- Check for single blank line after namespace declaration. -->
|
|
<rule ref="PSR2.Namespaces.NamespaceDeclaration"/>
|
|
|
|
</ruleset>
|