Address CodeRabbit review suggestions for security and code quality

[Copilot]

Implements CodeRabbit review feedback addressing hostname extraction bugs, memory issues, date handling inconsistencies, and PHPCS configuration improvements.

Bug Fixes

• Hostname extraction: Replace broken str_replace('http', '') with wp_parse_url() in ImportActivecollab, ImportAsana, ImportTrello - the old code produced invalid emails like user@s:example.com for HTTPS sites
• File downloads: Revert to readfile() for streaming - $wp_filesystem->get_contents() loads entire file into memory
• Date handling: Use gmdate('Y-m-d') directly instead of mixing current_time('mysql') with gmdate() which creates timezone confusion
• TRUNCATE query: Fix invalid SQL from $wpdb->prepare("TRUNCATE TABLE %s") - use esc_sql() with hardcoded table whitelist

// Before: breaks for https://example.com → "s:example.com"
$hostname = str_replace('http', '', get_site_url());
$hostname = str_replace('://', '', $hostname);

// After: correctly extracts "example.com"
$hostname = wp_parse_url(get_site_url(), PHP_URL_HOST);

HTTP API

• Add HTTP status code validation in Trello_helper.php - non-2xx responses now treated as errors
• Sanitize debug output in PM_Asana.php to avoid exposing sensitive API tokens

PHPCS Configuration

• Remove file_get_contents/file_put_contents exclusions to enforce WP_Filesystem migration
• Update PHP version from 5.6 to 7.2 (WordPress 6.7+ requirement)
• Replace non-existent composer_directory pattern with vendor

---

✨ Let Copilot coding agent set things up for you — coding agent works faster and does higher quality work when set up for your repo.

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}