Merge pull request #1788 from WordPress/feature/escapeoutput-minor-cleanup

EscapeOutput: use Sniff::$safe_casts

Author: dingo-d

WordPress/Sniff.php

@@ -372,6 +372,7 @@ abstract class Sniff implements PHPCS_Sniff {
 		\T_INT_CAST    => true,
 		\T_DOUBLE_CAST => true,
 		\T_BOOL_CAST   => true,
+		\T_UNSET_CAST  => true,
 	);
 
 	/**

WordPress/Sniffs/Security/EscapeOutputSniff.php

@@ -124,20 +124,6 @@ class EscapeOutputSniff extends Sniff {
 		'PHP_DEBUG'           => true, // Integer.
 	);
 
-	/**
-	 * List of names of the cast tokens which can be considered as a safe escaping method.
-	 *
-	 * @since 0.12.0
-	 *
-	 * @var array
-	 */
-	private $safe_cast_tokens = array(
-		'T_INT_CAST'    => true, // (int)
-		'T_DOUBLE_CAST' => true, // (float)
-		'T_BOOL_CAST'   => true, // (bool)
-		'T_UNSET_CAST'  => true, // (unset)
-	);
-
 	/**
 	 * List of tokens which can be considered as a safe when directly part of the output.
 	 *
@@ -367,7 +353,7 @@ public function process_token( $stackPtr ) {
 			$watch = false;
 
 			// Allow int/double/bool casted variables.
-			if ( isset( $this->safe_cast_tokens[ $this->tokens[ $i ]['type'] ] ) ) {
+			if ( isset( $this->safe_casts[ $this->tokens[ $i ]['code'] ] ) ) {
 				$in_cast = true;
 				continue;
 			}