-
-
Notifications
You must be signed in to change notification settings - Fork 490
/
ruleset.xml
199 lines (159 loc) · 8.66 KB
/
ruleset.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
<?xml version="1.0"?>
<ruleset xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="WordPress Extra" xsi:noNamespaceSchemaLocation="https://raw.githubusercontent.com/PHPCSStandards/PHP_CodeSniffer/master/phpcs.xsd">
<description>Best practices beyond core WordPress Coding Standards</description>
<rule ref="WordPress-Core"/>
<!-- Silence the "no nested dirnames, use $levels" notice, which is included in Core,
as plugin/themes may still support PHP < 7.0. -->
<rule ref="Modernize.FunctionCalls.Dirname.Nested">
<severity>0</severity>
</rule>
<!-- Generic PHP best practices.
https://github.com/WordPress/WordPress-Coding-Standards/pull/382 -->
<rule ref="Generic.PHP.DeprecatedFunctions"/>
<rule ref="Generic.PHP.ForbiddenFunctions"/>
<rule ref="Generic.Functions.CallTimePassByReference"/>
<rule ref="Generic.CodeAnalysis.EmptyStatement"/>
<rule ref="Generic.CodeAnalysis.ForLoopShouldBeWhileLoop"/>
<rule ref="Generic.CodeAnalysis.ForLoopWithTestFunctionCall"/>
<rule ref="Generic.CodeAnalysis.JumbledIncrementer"/>
<rule ref="Generic.CodeAnalysis.UnconditionalIfStatement"/>
<rule ref="Generic.CodeAnalysis.UnnecessaryFinalModifier"/>
<rule ref="Generic.CodeAnalysis.UselessOverridingMethod"/>
<rule ref="Generic.Classes.DuplicateClassName"/>
<rule ref="Generic.Strings.UnnecessaryStringConcat">
<properties>
<property name="allowMultiline" value="true"/>
</properties>
</rule>
<!-- More generic PHP best practices.
https://github.com/WordPress/WordPress-Coding-Standards/issues/607 -->
<rule ref="Squiz.PHP.NonExecutableCode"/>
<rule ref="Squiz.Operators.IncrementDecrementUsage"/>
<rule ref="Squiz.Operators.ValidLogicalOperators"/>
<rule ref="Squiz.Functions.FunctionDuplicateArgument"/>
<!-- And even more generic PHP best practices.
https://github.com/WordPress/WordPress-Coding-Standards/pull/809 -->
<rule ref="Squiz.PHP.DisallowSizeFunctionsInLoops"/>
<!-- Do not allow ambiguous conditions.
https://github.com/WordPress/WordPress-Coding-Standards/issues/2429 -->
<rule ref="Generic.CodeAnalysis.RequireExplicitBooleanOperatorPrecedence"/>
<!-- Check that functions use all parameters passed.
https://github.com/WordPress/WordPress-Coding-Standards/issues/1510 -->
<rule ref="Generic.CodeAnalysis.UnusedFunctionParameter">
<!-- Allow for callback functions which may not need all parameters passed. -->
<exclude name="Generic.CodeAnalysis.UnusedFunctionParameter.FoundBeforeLastUsed"/>
<!-- Allow for functions in extended classes/implemented interfaces. -->
<exclude name="Generic.CodeAnalysis.UnusedFunctionParameter.FoundInExtendedClass"/>
<exclude name="Generic.CodeAnalysis.UnusedFunctionParameter.FoundInExtendedClassBeforeLastUsed"/>
<exclude name="Generic.CodeAnalysis.UnusedFunctionParameter.FoundInExtendedClassAfterLastUsed"/>
<exclude name="Generic.CodeAnalysis.UnusedFunctionParameter.FoundInImplementedInterface"/>
<exclude name="Generic.CodeAnalysis.UnusedFunctionParameter.FoundInImplementedInterfaceBeforeLastUsed"/>
<exclude name="Generic.CodeAnalysis.UnusedFunctionParameter.FoundInImplementedInterfaceAfterLastUsed"/>
</rule>
<!-- Do not allow leading underscores in property or method names. Visibility should be used instead.
https://github.com/WordPress/WordPress-Coding-Standards/issues/1101 -->
<rule ref="PSR2.Classes.PropertyDeclaration.Underscore">
<severity>5</severity>
</rule>
<rule ref="PSR2.Methods.MethodDeclaration.Underscore">
<severity>5</severity>
</rule>
<!-- Warn against using fully-qualified class names instead of the self keyword. -->
<rule ref="Squiz.Classes.SelfMemberReference.NotUsed">
<!-- Restore default severity of 5 which WordPress-Core sets to 0. -->
<severity>5</severity>
</rule>
<rule ref="WordPress.Security.EscapeOutput"/>
<!-- Encourage use of wp_safe_redirect() to avoid open redirect vulnerabilities.
https://github.com/WordPress/WordPress-Coding-Standards/pull/1264 -->
<rule ref="WordPress.Security.SafeRedirect"/>
<!-- Verify that a nonce check is done before using values in superglobals.
https://github.com/WordPress/WordPress-Coding-Standards/issues/73 -->
<rule ref="WordPress.Security.NonceVerification"/>
<rule ref="WordPress.PHP.DevelopmentFunctions"/>
<rule ref="WordPress.PHP.DiscouragedPHPFunctions"/>
<rule ref="WordPress.WP.DeprecatedFunctions"/>
<rule ref="WordPress.WP.DeprecatedClasses"/>
<rule ref="WordPress.WP.DeprecatedParameters"/>
<rule ref="WordPress.WP.DeprecatedParameterValues"/>
<rule ref="WordPress.WP.AlternativeFunctions"/>
<rule ref="WordPress.WP.DiscouragedConstants"/>
<rule ref="WordPress.WP.DiscouragedFunctions"/>
<!-- Verify that capabilities are being used correctly. -->
<rule ref="WordPress.WP.Capabilities"/>
<!-- Scripts & style should be enqueued.
https://github.com/WordPress/WordPress-Coding-Standards/issues/35 -->
<rule ref="WordPress.WP.EnqueuedResources"/>
<!-- Warn against overriding WP global variables.
https://github.com/WordPress/WordPress-Coding-Standards/issues/26 -->
<rule ref="WordPress.WP.GlobalVariablesOverride"/>
<!-- Detect incorrect or risky use of the `ini_set()` function.
https://github.com/WordPress/WordPress-Coding-Standards/issues/1447 -->
<rule ref="WordPress.PHP.IniSet"/>
<!-- Check enqueue and register styles and scripts to have version and in_footer parameters explicitly set.
https://github.com/WordPress/WordPress-Coding-Standards/issues/1146 -->
<rule ref="WordPress.WP.EnqueuedResourceParameters"/>
<!-- Check for PHP Parse errors.
https://github.com/WordPress/WordPress-Coding-Standards/issues/522 -->
<rule ref="Generic.PHP.Syntax"/>
<!-- Make the translators comment check which is included in core stricter. -->
<rule ref="WordPress.WP.I18n.MissingTranslatorsComment">
<type>error</type>
</rule>
<rule ref="WordPress.WP.I18n.TranslatorsCommentWrongStyle">
<type>error</type>
</rule>
<!-- Verify that everything in the global namespace is prefixed. -->
<rule ref="WordPress.NamingConventions.PrefixAllGlobals"/>
<!-- Validates post type slugs for valid characters, length and reserved keywords. -->
<rule ref="WordPress.NamingConventions.ValidPostTypeSlug"/>
<!-- https://github.com/WordPress/WordPress-Coding-Standards/issues/1157 -->
<rule ref="WordPress.Security.PluginMenuSlug"/>
<rule ref="WordPress.WP.CronInterval"/>
<rule ref="WordPress.WP.PostsPerPage"/>
<!-- Verify some regex best practices.
https://github.com/WordPress/WordPress-Coding-Standards/issues/1371 -->
<rule ref="WordPress.PHP.PregQuoteDelimiter"/>
<!-- The Core ruleset respects the PHP allowed functions list. For `Extra` the sniff is stricter.
https://github.com/WordPress/WordPress-Coding-Standards/pull/1450 -->
<rule ref="WordPress.PHP.NoSilencedErrors">
<properties>
<property name="usePHPFunctionsList" value="false"/>
</properties>
</rule>
<!-- Commented out code should not be committed.
https://github.com/WordPress/WordPress-Coding-Standards/pull/1463 -->
<rule ref="Squiz.PHP.CommentedOutCode">
<properties>
<property name="maxPercentage" value="40"/>
</properties>
</rule>
<!-- Prevent some typical mistakes people make accidentally.
https://github.com/WordPress/WordPress-Coding-Standards/pull/1777 -->
<rule ref="WordPress.CodeAnalysis.EscapedNotTranslated"/>
<!-- Detects duplicate array keys in array declarations. -->
<rule ref="Universal.Arrays.DuplicateArrayKey"/>
<!-- Disallows return type declarations on constructor/destructor methods,
and constructor/destructor methods returning a value. -->
<rule ref="Universal.CodeAnalysis.ConstructorDestructorReturn"/>
<!-- Detects foreach control structures using the same variable for both key and value. -->
<rule ref="Universal.CodeAnalysis.ForeachUniqueAssignment"/>
<!-- Detects using static instead of self in object-oriented constructs which are final. -->
<rule ref="Universal.CodeAnalysis.StaticInFinalClass"/>
<!-- Disallow if statements, if they are the only statement in an else block. -->
<rule ref="Universal.ControlStructures.DisallowLonelyIf"/>
<!-- Enforce for a file to either declare (global/namespaced) functions
or declare object-oriented structures, but not both. -->
<rule ref="Universal.Files.SeparateFunctionsFromOO"/>
<!-- Detect useless "echo sprintf(...)". -->
<rule ref="Universal.CodeAnalysis.NoEchoSprintf"/>
<!-- Detect use of double negative `!!`. -->
<rule ref="Universal.CodeAnalysis.NoDoubleNegative"/>
<!--
#############################################################################
Code style sniffs for more recent PHP features and syntaxes.
#############################################################################
-->
<!-- Check for single blank line after namespace declaration. -->
<rule ref="PSR2.Namespaces.NamespaceDeclaration"/>
</ruleset>