Skip to content

WIP: PHPCS 4.x changes #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
rodrigoprimo wants to merge 76 commits into
base: develop
Choose a base branch
from
Open

WIP: PHPCS 4.x changes #3

rodrigoprimo wants to merge 76 commits into from

Conversation

@rodrigoprimo
Copy link
Owner

@rodrigoprimo rodrigoprimo commented Sep 19, 2025

Creating this PR to test the GH action changes.

@rodrigoprimo rodrigoprimo force-pushed the phpcs-4 branch 4 times, most recently from f04e071 to c78b598 Compare September 19, 2025 17:57
@rodrigoprimo rodrigoprimo force-pushed the phpcs-4 branch 2 times, most recently from 50244fd to 4d6533c Compare October 2, 2025 22:20
@rodrigoprimo rodrigoprimo force-pushed the phpcs-4 branch 6 times, most recently from 3e1ea76 to 9aeec04 Compare October 21, 2025 19:25
@rodrigoprimo rodrigoprimo force-pushed the phpcs-4 branch 4 times, most recently from f7ad57e to 9e2a835 Compare October 30, 2025 17:10
@rodrigoprimo rodrigoprimo force-pushed the phpcs-4 branch 5 times, most recently from 8113034 to cd42bc6 Compare November 7, 2025 21:35
@rodrigoprimo rodrigoprimo force-pushed the phpcs-4 branch 5 times, most recently from a4c6ab1 to b4d3fb3 Compare November 18, 2025 13:33
@rodrigoprimo rodrigoprimo force-pushed the phpcs-4 branch 3 times, most recently from d8fd190 to d20de47 Compare November 19, 2025 15:21
@rodrigoprimo
WIP ValidationHelper::is_validated(): add basic tests
8185e35 
Check the way the tests are structured. There is for sure room to improve their organization.

This commit is just the basic structure. Everything needs to be reviewed.
@rodrigoprimo
WPDBTrait::is_wpdb_method_call(): improve docblock description
eb41070 
- Clarified that the method supports static method calls as well.
- Replaced incomplete description with a list of the three properties that may be automatically set: `$methodPtr`, `$i`, and `$end`.
- Added clarification that `$methodPtr` and `$i` may be set even when the method returns false (e.g., for property access like `$wpdb->show_errors`). I'm not sure if this should be mentioned or not, but I opted to keep it for now as the original version did mention the `$i` property.
- Updated `$stackPtr` parameter description to mention it can be a "wpdb class name token" as well.
@rodrigoprimo
WIP WPDBTrait::is_wpdb_method_call(): add basic tests
28a7c8d 
Check the way the tests are structured. There is for sure room to improve their organization.

This commit is just the basic structure. Everything needs to be reviewed.
@rodrigoprimo
WIP WPDBTrait::is_wpdb_method_call(): fix false positives for static …
fd92aab 
…method calls to non-global classes called wpdb

Potentially add the tests related to this fix to this commit instead of introducing them in the commit that adds tests to this method.
@rodrigoprimo
CHECK WPDBTrait::is_wpdb_method_call(): update for PHPCS 4.0
bcc4c09 
The tokenization of (namespaced) "names" has changed in PHP 8.0, and this new tokenization will come into effect for PHP_CodeSniffer as of version 4.0.0.

This commit adds handling for the new tokenization of fully qualified calls to WPDB methods and also ensure that the method bails when handling `T_NAME_QUALIFIED` and `T_NAME_RELATIVE` tokens.

As there are no dedicated tests for this trait, a test will be added in a later commit that will update the `PreparedSQLPlaceholders` sniff for PHPCS 4.0. The test can't be added now because the sniff code needs to be updated as well to handle the new PHPCS 4.0 tokenization.

CHECK: I might end up adding dedicated tests for this method.
@rodrigoprimo
ContextHelper::is_in_array_comparison(): update for PHPCS 4.0
1ef5e53 
The tokenization of (namespaced) "names" has changed in PHP 8.0, and this new tokenization will come into effect for PHP_CodeSniffer as of version 4.0.0.

This commit adds handling for the new tokenization when searching for the function name in the ContextHelper::$arrayCompareFunctions array.
@rodrigoprimo
WP/EnqueuedResourceParameters: add tests for namespaced names
0bb8135 
I'm adding two different tests for fully qualified global function calls to cover all the global functions that are referenced directly in the `EnqueuedResourceParametersSniff::process_parameters` method.
@rodrigoprimo
DB/PreparedSQL: move intentional syntax error test to its own file
a9ac920
@rodrigoprimo
DB/PreparedSQL: add tests for namespaced names
c151eae
@rodrigoprimo
DB/PreparedSQL: update for PHPCS 4.0
15ab301 
The tokenization of (namespaced) "names" has changed in PHP 8.0, and this new tokenization will come into effect for PHP_CodeSniffer as of version 4.0.0.

This commit adds handling for the new tokenization of fully qualified function calls and static method calls to this sniff. It also updates a few of the test expectations as the number of errors vary depending on whether running PHPCS 3.x or 4.x.
@rodrigoprimo
DB/PreparedSQLPlaceholders: add namespaced tests
385a315 
Tests for namespaced calls to a function called sprintf() are not added in this commit as they currently result in false negatives. A subsequent commit will fix this problem and include those tests.
@rodrigoprimo
DB/PreparedSQLPlaceholders: fix false negatives for namespaced and me…
1440d86 
…thod calls to `sprintf()`

The sniff was incorrectly analyzing namespaced function calls and method calls to `sprintf()` as if they were calls to the global `sprintf()` function causing false negatives.

This commit introduces the `is_global_function_call()` helper method that properly distinguishes global function calls from method calls and namespaced function calls.

This issue only affected `sprintf()`. The detection of `implode()` and array_fill() was already correctly filtering out namespaced and method calls by checking the preceding token (excluding empty tokens and T_NS_SEPARATOR). That being said, the helper method is applied to all sprintf(), implode(), and array_fill() checks for consistency and future-proofing.
@rodrigoprimo
DB/PreparedSQLPlaceholders: update for PHPCS 4.0
33ceded 
The tokenization of (namespaced) "names" has changed in PHP 8.0, and this new tokenization will come into effect for PHP_CodeSniffer as of version 4.0.0.

This commit adds handling for the new tokenization of fully qualified calls to `\wpdb::prepare()`, `\sprintf()`, `\implode()` and `\array_fill()`.
@rodrigoprimo
Security/ValidatedSanitizedInput: add tests for namespaced names
bf88d18
@rodrigoprimo
Security/ValidatedSanitizedInput: updates for PHPCS 4.0
c38330e 
Update the expectation for three test cases as they are different between PHPCS 3.x and PHPCS 4.x (see WordPress#2665).
@rodrigoprimo
WP/CapitalPDangit: add tests for namespaced names
fc374e7
@rodrigoprimo
ArrayWalkingFunctionsHelper::get_callback_parameter(): update for PHP…
b9d0c49 
…CS 4.0
@rodrigoprimo
SanitizationHelperTrait: update tests for PHPCS 4.0
1726154
@rodrigoprimo
WIP SanitizationHelperTrait: update for PHPCS 4.0
169631e 
Need to check if this way is the best way to fix the problem and improve it (document, make more readable).
@rodrigoprimo
WIP WPHookHelper::get_hook_name_param(): add basic tests
b5930a4 
Check the way the tests are structured. There is for sure room to improve their organization.
@rodrigoprimo
WIP ArrayWalkingFunctionsHelper: add basic tests
a546bb6 
Check the way the tests are structured. There is for sure room to improve their organization.
@rodrigoprimo
WIP EscapingFunctionsTrait: add basic tests
f1d258c 
Check the way the tests are structured. There is for sure room to improve their organization.
@rodrigoprimo
WIP FormattingFunctionsHelper::is_formatting_function(): add basic tests
74e826e 
Check the way the tests are structured. There is for sure room to improve their organization.
@rodrigoprimo
WIP PrintingFunctionsTrait::is_printing_function(): add basic tests
2030d78 
Check the way the tests are structured. There is for sure room to improve their organization.
@rodrigoprimo
WIP UnslashingFunctionsHelper::is_unslashing_function(): add basic tests
b85e9bd 
Check the way the tests are structured. There is for sure room to improve their organization.
@rodrigoprimo
EscapingFunctionsTrait: update for PHPCS 4.0
e948340 
The `is_escaping_function()` and `is_auto_escaped_function()` methods now use `ltrim()` to strip the leading backslash from fully qualified function names, ensuring they are correctly recognized when tokenized as `T_NAME_FULLY_QUALIFIED` in PHPCS 4.0.
@rodrigoprimo
FormattingFunctionsHelper::is_formatting_function(): update for PHPCS…
0cbc1df 
… 4.0

Use `ltrim()` to strip the leading backslash from fully qualified function names, ensuring they are correctly recognized when tokenized as `T_NAME_FULLY_QUALIFIED` in PHPCS 4.0.
@rodrigoprimo
PrintingFunctionsTrait::is_printing_function(): update for PHPCS 4.0
33cab61 
Use `ltrim()` to strip the leading backslash from fully qualified function names, ensuring they are correctly recognized when tokenized as `T_NAME_FULLY_QUALIFIED` in PHPCS 4.0.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@rodrigoprimo