Merge pull request #2563 from WordPress/feature/use-phpcsutils-1.1.0

Use PHPCSUtils 1.1.0 features

Author: dingo-d

WordPress/Helpers/ListHelper.php

@@ -9,8 +9,8 @@
 
 namespace WordPressCS\WordPress\Helpers;
 
-use PHP_CodeSniffer\Exceptions\RuntimeException;
 use PHP_CodeSniffer\Files\File;
+use PHPCSUtils\Exceptions\UnexpectedTokenType;
 use PHPCSUtils\Tokens\Collections;
 use PHPCSUtils\Utils\Lists;
 
@@ -67,7 +67,7 @@ public static function get_list_variables( File $phpcsFile, $stackPtr ) {
 
 		try {
 			$assignments = Lists::getAssignments( $phpcsFile, $stackPtr );
-		} catch ( RuntimeException $e ) {
+		} catch ( UnexpectedTokenType $e ) {
 			// Parse error/live coding.
 			return array();
 		}

WordPress/Sniffs/Files/FileNameSniff.php

@@ -10,8 +10,8 @@
 namespace WordPressCS\WordPress\Sniffs\Files;
 
 use PHPCSUtils\Tokens\Collections;
+use PHPCSUtils\Utils\FilePath;
 use PHPCSUtils\Utils\ObjectDeclarations;
-use PHPCSUtils\Utils\TextStrings;
 use WordPressCS\WordPress\Helpers\IsUnitTestTrait;
 use WordPressCS\WordPress\Sniff;
 
@@ -151,8 +151,7 @@ public function register() {
 	 *                  normal file processing.
 	 */
 	public function process_token( $stackPtr ) {
-		// Usage of `stripQuotes` is to ensure `stdin_path` passed by IDEs does not include quotes.
-		$file = TextStrings::stripQuotes( $this->phpcsFile->getFileName() );
+		$file = FilePath::getName( $this->phpcsFile );
 		if ( 'STDIN' === $file ) {
 			return $this->phpcsFile->numTokens;
 		}
@@ -197,7 +196,7 @@ public function process_token( $stackPtr ) {
 			$this->check_filename_has_class_prefix( $class_ptr, $file_name );
 		}
 
-		if ( false !== strpos( $file, \DIRECTORY_SEPARATOR . 'wp-includes' . \DIRECTORY_SEPARATOR )
+		if ( false !== strpos( $file, '/wp-includes/' )
 			&& false === $class_ptr
 		) {
 			$this->check_filename_for_template_suffix( $stackPtr, $file_name );

WordPress/Sniffs/PHP/YodaConditionsSniff.php

@@ -43,10 +43,9 @@ public function register() {
 
 		$starters                        = Tokens::$booleanOperators;
 		$starters                       += Tokens::$assignmentTokens;
+		$starters                       += Collections::ternaryOperators();
 		$starters[ \T_CASE ]             = \T_CASE;
 		$starters[ \T_RETURN ]           = \T_RETURN;
-		$starters[ \T_INLINE_THEN ]      = \T_INLINE_THEN;
-		$starters[ \T_INLINE_ELSE ]      = \T_INLINE_ELSE;
 		$starters[ \T_SEMICOLON ]        = \T_SEMICOLON;
 		$starters[ \T_OPEN_PARENTHESIS ] = \T_OPEN_PARENTHESIS;
 

WordPress/Sniffs/Security/EscapeOutputSniff.php

@@ -200,19 +200,19 @@ public function process_token( $stackPtr ) {
 				return parent::process_token( $stackPtr );
 
 			case \T_EXIT:
-				$next_non_empty = $this->phpcsFile->findNext( Tokens::$emptyTokens, ( $stackPtr + 1 ), null, true );
-				if ( false === $next_non_empty
-					|| \T_OPEN_PARENTHESIS !== $this->tokens[ $next_non_empty ]['code']
-					|| isset( $this->tokens[ $next_non_empty ]['parenthesis_closer'] ) === false
-				) {
-					// Live coding/parse error or an exit/die which doesn't pass a status code. Ignore.
+				$params = PassedParameters::getParameters( $this->phpcsFile, $stackPtr );
+				if ( empty( $params ) ) {
+					// Live coding/parse error or an exit/die which doesn't pass a status. Ignore.
 					return;
 				}
 
-				// $end is not examined, so make sure the parentheses are balanced.
-				$start = $next_non_empty;
-				$end   = ( $this->tokens[ $next_non_empty ]['parenthesis_closer'] + 1 );
-				break;
+				// There should only be one parameter ($status), but just to be on the safe side.
+				foreach ( $params as $param ) {
+					$this->check_code_is_escaped( $param['start'], ( $param['end'] + 1 ) );
+				}
+
+				// Skip to the end of the last found parameter.
+				return ( $param['end'] + 1 );
 
 			case \T_THROW:
 				// Find the open parentheses, while stepping over the exception creation tokens.

WordPress/Sniffs/Utils/I18nTextDomainFixerSniff.php

@@ -11,6 +11,7 @@
 
 use PHP_CodeSniffer\Util\Tokens;
 use PHPCSUtils\BackCompat\Helper;
+use PHPCSUtils\Utils\FilePath;
 use PHPCSUtils\Utils\GetTokensAsString;
 use PHPCSUtils\Utils\PassedParameters;
 use PHPCSUtils\Utils\TextStrings;
@@ -675,7 +676,7 @@ public function process_comments( $stackPtr ) {
 		$headers = $this->plugin_headers;
 		$type    = 'plugin';
 
-		$file = TextStrings::stripQuotes( $this->phpcsFile->getFileName() );
+		$file = FilePath::getName( $this->phpcsFile );
 		if ( 'STDIN' === $file ) {
 			return;
 		}

WordPress/Sniffs/WP/EnqueuedResourcesSniff.php

@@ -9,8 +9,8 @@
 
 namespace WordPressCS\WordPress\Sniffs\WP;
 
-use PHP_CodeSniffer\Exceptions\RuntimeException;
 use PHP_CodeSniffer\Util\Tokens;
+use PHPCSUtils\Exceptions\ValueError;
 use PHPCSUtils\Tokens\Collections;
 use PHPCSUtils\Utils\TextStrings;
 use WordPressCS\WordPress\Sniff;
@@ -54,7 +54,7 @@ public function process_token( $stackPtr ) {
 			try {
 				$end_ptr = TextStrings::getEndOfCompleteTextString( $this->phpcsFile, $stackPtr );
 				$content = TextStrings::getCompleteTextString( $this->phpcsFile, $stackPtr );
-			} catch ( RuntimeException $e ) {
+			} catch ( ValueError $e ) {
 				// Parse error/live coding.
 				return;
 			}

WordPress/Tests/Security/EscapeOutputUnitTest.1.inc

@@ -655,3 +655,10 @@ echo '<input type="search" value="' . get_search_query( false ) . '">'; // Bad.
 echo '<input type="search" value="' . get_search_query( 0 ) . '">'; // Bad.
 echo '<input type="search" value="' . get_search_query( escape: false ) . '">'; // OK, well not really, typo in param name, but that's not our concern.
 echo '<input type="search" value="' . get_search_query( escaped: false ) . '">'; // Bad.
+
+// PHP 8.4: exit/die using named parameters.
+exit( status: esc_html( $foo ) ); // Ok.
+die( status: esc_html( $foo ) ); // Ok.
+
+exit( status: $foo ); // Bad.
+die( status: $foo ); // Bad.

WordPress/Tests/Security/EscapeOutputUnitTest.php

@@ -159,6 +159,8 @@ public function getErrorList( $testFile = '' ) {
 					654 => 1,
 					655 => 1,
 					657 => 1,
+					663 => 1,
+					664 => 1,
 				);
 
 			case 'EscapeOutputUnitTest.6.inc':