Added Workflow

PDowney · web-flow · commit 06ee6d2fc6ac · 2025-05-19T18:16:17.000-04:00
diff --git a/.github/ISSUE_TEMPLATE/plugin-check-failure.md b/.github/ISSUE_TEMPLATE/plugin-check-failure.md
@@ -0,0 +1,58 @@
+---
+title: WordPress Plugin Check Failure
+labels: bug, plugin-check, automated
+assignees: 
+---
+
+## WordPress Plugin Check Failure
+
+The WordPress Plugin Check action has identified issues with the Simple WP Optimizer plugin.
+
+### Details
+
+- **Test Date:** {{ date | date('YYYY-MM-DD HH:mm:ss') }}
+- **Workflow Run:** [View detailed logs]({{ env.WORKFLOW_URL }})
+
+### Next Steps
+
+This issue has been automatically created because the WordPress Plugin Check found issues with the plugin that should be addressed. The check performed the following specific tests:
+
+#### Categories:
+- **Accessibility**: Checks for accessibility compliance issues
+- **General**: General WordPress coding standards and best practices
+- **Performance**: Tests that identify performance bottlenecks
+- **Plugin Repo**: Requirements for WordPress.org plugin repository
+- **Security**: Security-focused checks to identify vulnerabilities
+
+#### Specific Checks:
+- **i18n_usage**: Proper internationalization usage
+- **code_obfuscation**: Detecting potentially obfuscated code
+- **direct_db_queries**: Identifying direct database queries that bypass WordPress APIs
+- **enqueued_scripts_in_footer**: Ensuring scripts are properly enqueued in the footer
+- **enqueued_scripts_size**: Checking for excessively large script files
+- **enqueued_styles_scope**: Ensuring styles are properly scoped
+- **file_type**: Checking for proper file types and formats
+- **late_escaping**: Ensuring output is properly escaped
+- **localhost**: Checking for references to localhost or development environments
+- **no_unfiltered_uploads**: Ensuring uploads are properly filtered
+- **performant_wp_query_params**: Checking for inefficient WP_Query parameters
+- **plugin_header_text_domain**: Verifying correct text domain in plugin header
+- **plugin_readme**: Checking the plugin readme file format
+- **plugin_review_phpcs**: PHP CodeSniffer checks for WordPress standards
+- **plugin_updater**: Checking plugin update mechanisms
+- **trademarks**: Checking for potential trademark violations
+
+#### Recommended Actions:
+
+1. Review the workflow logs for specific error messages and warnings
+2. Address each identified issue in the plugin code
+3. Test locally using the [WordPress Plugin Check tool](https://github.com/WordPress/plugin-check) to verify fixes
+4. Submit a pull request with the necessary changes
+
+Once all issues are fixed, please close this issue and reference it in the changelog.
+
+### About WordPress Plugin Check
+
+The WordPress Plugin Check tool helps plugin authors create plugins that follow WordPress best practices. It checks for issues related to security, performance, and compatibility to ensure plugins work well in the WordPress ecosystem.
+
+---
diff --git a/.github/workflows/wordpress-plugin-check.yml b/.github/workflows/wordpress-plugin-check.yml
@@ -0,0 +1,100 @@
+name: WordPress Plugin Check
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+  # Allow manually triggering the workflow
+  workflow_dispatch:
+
+# Cancels all previous workflow runs for the same branch that have not yet completed
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: true
+
+permissions:
+  contents: read
+  issues: write
+
+jobs:
+  plugin-check:
+    name: WordPress Plugin Check
+    runs-on: ubuntu-latest
+    
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+      
+      - name: Setup PHP
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: '8.0'
+          extensions: mysqli, curl, zip, intl, gd, mbstring, fileinfo, xml
+          coverage: none
+          tools: composer:v2
+      
+      - name: Install Composer dependencies
+        uses: ramsey/composer-install@v3
+        with:
+          dependency-versions: highest
+          composer-options: "--prefer-dist --no-progress"
+      
+      - name: WordPress Plugin Check
+        uses: WordPress/plugin-check-action@v1.1.2
+        with:
+          # Build directory - using repository root
+          build-dir: './'
+          
+          # Configure which checks to run
+          checks: |
+            i18n_usage
+            code_obfuscation
+            direct_db_queries
+            enqueued_scripts_in_footer
+            enqueued_scripts_size
+            enqueued_styles_scope
+            file_type
+            late_escaping
+            localhost
+            no_unfiltered_uploads
+            performant_wp_query_params
+            plugin_header_text_domain
+            plugin_readme
+            plugin_review_phpcs
+            plugin_updater
+            trademarks
+          
+          # Configure which categories to check
+          categories: |
+            accessibility
+            general
+            performance
+            plugin_repo
+            security
+          
+          # Whether to include experimental checks
+          include-experimental: false
+          
+          # Don't ignore warnings or errors
+          ignore-warnings: false
+          ignore-errors: false
+          
+          # WordPress version to use
+          wp-version: 'latest'
+      
+      - name: Create issue on plugin check failure
+        if: ${{ failure() }}
+        uses: JasonEtco/create-an-issue@v2
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          RUN_ID: ${{ github.run_id }}
+          WORKFLOW_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
+        with:
+          filename: .github/ISSUE_TEMPLATE/plugin-check-failure.md
+          update_existing: false
+          
+      - name: Mark job as failed after issue creation
+        if: ${{ failure() }}
+        run: |
+          echo "::error::WordPress Plugin Check failed. Created issue for tracking."
+          exit 1
