-
Notifications
You must be signed in to change notification settings - Fork 0
/
phpcs.xml
260 lines (215 loc) · 11 KB
/
phpcs.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
<?xml version="1.0"?>
<ruleset xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="PHP-WordPress Common" xsi:noNamespaceSchemaLocation="https://raw.githubusercontent.com/squizlabs/PHP_CodeSniffer/master/phpcs.xsd">
<!-- Default tab width for indentation fixes and such. -->
<arg name="tab-width" value="4"/>
<!-- Generic PHP best practices.
https://github.com/WordPress/WordPress-Coding-Standards/pull/382 -->
<rule ref="Generic.PHP.DeprecatedFunctions"/>
<rule ref="Generic.PHP.ForbiddenFunctions"/>
<rule ref="Generic.Functions.CallTimePassByReference"/>
<rule ref="Generic.CodeAnalysis.EmptyStatement"/>
<rule ref="Generic.CodeAnalysis.ForLoopShouldBeWhileLoop"/>
<rule ref="Generic.CodeAnalysis.ForLoopWithTestFunctionCall"/>
<rule ref="Generic.CodeAnalysis.JumbledIncrementer"/>
<rule ref="Generic.CodeAnalysis.UnconditionalIfStatement"/>
<rule ref="Generic.CodeAnalysis.UnnecessaryFinalModifier"/>
<rule ref="Generic.CodeAnalysis.UselessOverridingMethod"/>
<rule ref="Generic.Classes.DuplicateClassName"/>
<!-- More generic PHP best practices.
https://github.com/WordPress/WordPress-Coding-Standards/issues/607 -->
<rule ref="Squiz.PHP.NonExecutableCode"/>
<rule ref="Squiz.Operators.IncrementDecrementUsage"/>
<rule ref="Squiz.Operators.ValidLogicalOperators"/>
<rule ref="Squiz.Functions.FunctionDuplicateArgument"/>
<!-- And even more generic PHP best practices.
https://github.com/WordPress/WordPress-Coding-Standards/pull/809 -->
<rule ref="Squiz.PHP.DisallowSizeFunctionsInLoops"/>
<!-- And yet more best practices.
https://github.com/WordPress/WordPress-Coding-Standards/issues/1143 -->
<rule ref="PEAR.Files.IncludingFile.BracketsNotRequired">
<type>warning</type>
</rule>
<rule ref="PEAR.Files.IncludingFile.UseRequire">
<type>warning</type>
</rule>
<rule ref="PEAR.Files.IncludingFile.UseRequireOnce">
<type>warning</type>
</rule>
<!--
#############################################################################
Handbook: PHP - Regular Expressions.
Ref: https://make.wordpress.org/core/handbook/best-practices/coding-standards/php/#regular-expressions
#############################################################################
-->
<!-- Covers rule: Perl compatible regular expressions should be used in preference
to their POSIX counterparts. -->
<rule ref="WordPress.PHP.POSIXFunctions"/>
<!-- Rule: Never use the /e switch, use preg_replace_callback instead.
https://github.com/WordPress/WordPress-Coding-Standards/issues/632 -->
<!-- Rule: It's most convenient to use single-quoted strings for regular expressions.
Already covered by Squiz.Strings.DoubleQuoteUsage -->
<!--
#############################################################################
Handbook: PHP - Opening and Closing PHP Tags.
Ref: https://make.wordpress.org/core/handbook/best-practices/coding-standards/php/#opening-and-closing-php-tags
#############################################################################
-->
<!-- Covers rule: When embedding multi-line PHP snippets within a HTML block, the
PHP open and close tags must be on a line by themselves. -->
<rule ref="Squiz.PHP.EmbeddedPhp"/>
<rule ref="Squiz.PHP.EmbeddedPhp.SpacingBefore">
<severity>0</severity>
</rule>
<rule ref="Squiz.PHP.EmbeddedPhp.Indent">
<severity>0</severity>
</rule>
<rule ref="Squiz.PHP.EmbeddedPhp.OpenTagIndent">
<severity>0</severity>
</rule>
<rule ref="Squiz.PHP.EmbeddedPhp.SpacingAfter">
<severity>0</severity>
</rule>
<!--
#############################################################################
Handbook: PHP - No Shorthand PHP Tags.
Ref: https://make.wordpress.org/core/handbook/best-practices/coding-standards/php/#no-shorthand-php-tags
#############################################################################
-->
<!-- Covers rule: Never use shorthand PHP start tags. Always use full PHP tags. -->
<rule ref="Generic.PHP.DisallowShortOpenTag"/>
<rule ref="Generic.PHP.DisallowAlternativePHPTags"/>
<!-- Rule: In a switch block, there must be no space before the colon for a case statement. -->
<!-- Covered by the PSR2.ControlStructures.SwitchDeclaration sniff. -->
<!--
#############################################################################
Handbook: PHP - Clever Code.
Ref: https://make.wordpress.org/core/handbook/best-practices/coding-standards/php/#clever-code
#############################################################################
-->
<!-- Rule: In general, readability is more important than cleverness or brevity.
https://github.com/WordPress/WordPress-Coding-Standards/issues/607 -->
<rule ref="Squiz.PHP.DisallowMultipleAssignments"/>
<rule ref="Generic.Formatting.DisallowMultipleStatements"/>
<!-- Rule: Assignments must not be placed in placed in conditionals.
Note: sniff is a duplicate of upstream. Can be removed once minimum PHPCS requirement has gone up.
https://github.com/squizlabs/PHP_CodeSniffer/pull/1594
Update: the "assignment in ternary" part of the sniff is currently not yet covered in
the upstream version. This needs to be pulled first before we can defer to upstream. -->
<rule ref="WordPress.CodeAnalysis.AssignmentInCondition"/>
<!-- Rule: In a switch statement... If a case contains a block, then falls through
to the next block, this must be explicitly commented. -->
<!-- Covered by the PSR2.ControlStructures.SwitchDeclaration sniff. -->
<!-- Rule: The goto statement must never be used. -->
<rule ref="Generic.PHP.DiscourageGoto">
<type>error</type>
<message>The "goto" language construct should not be used.</message>
</rule>
<!-- Rule: The eval() construct is very dangerous, and is impossible to secure. ... these must not be used. -->
<rule ref="Squiz.PHP.Eval.Discouraged">
<type>error</type>
<message>eval() is a security risk so not allowed.</message>
</rule>
<!-- Rule: create_function() function, which internally performs an eval(),
is deprecated in PHP 7.2. ... these must not be used. -->
<rule ref="WordPress.PHP.RestrictedPHPFunctions"/>
<!--
#############################################################################
Handbook: PHP - (No) Error Control Operator @.
Ref: https://make.wordpress.org/core/handbook/best-practices/coding-standards/php/#error-control-operator
#############################################################################
-->
<!-- Covers rule: This operator is often used lazily instead of doing proper error checking.
Its use is highly discouraged. -->
<rule ref="WordPress.PHP.NoSilencedErrors"/>
<!--
#############################################################################
Handbook: PHP - Don't extract().
Ref: https://make.wordpress.org/core/handbook/best-practices/coding-standards/php/#dont-extract
#############################################################################
-->
<rule ref="WordPress.PHP.DontExtract"/>
<!--
#############################################################################
Not in the handbook: Generic sniffs.
#############################################################################
-->
<!-- Important to prevent issues with content being sent before headers. -->
<rule ref="Generic.Files.ByteOrderMark"/>
<!-- All line endings should be \n. -->
<rule ref="Generic.Files.LineEndings">
<properties>
<property name="eolChar" value="\n"/>
</properties>
</rule>
<!-- There should be no empty statements, i.e. lone semi-colons or open/close tags without content. -->
<rule ref="WordPress.CodeAnalysis.EmptyStatement"/>
<!-- References to self in a class should be lower-case and not have extraneous spaces,
per implicit conventions in the core codebase; the NotUsed code refers to using the
fully-qualified class name instead of self, for which there are instances in core. -->
<rule ref="Squiz.Classes.SelfMemberReference"/>
<rule ref="Squiz.Classes.SelfMemberReference.NotUsed">
<severity>0</severity>
</rule>
<!-- Hook callbacks may not use all params -->
<!-- https://github.com/WordPress/WordPress-Coding-Standards/pull/382#discussion_r29981655 -->
<!--<rule ref="Generic.CodeAnalysis.UnusedFunctionParameter"/>-->
<!-- Encourage having only one class/interface/trait per file. -->
<rule ref="Generic.Files.OneObjectStructurePerFile">
<type>warning</type>
<message>Best practice suggestion: Declare only one class/interface/trait in a file.</message>
</rule>
<!-- Verify modifier keywords for declared methods and properties in classes.
https://github.com/WordPress/WordPress-Coding-Standards/issues/1101 -->
<rule ref="Squiz.Scope.MethodScope"/>
<rule ref="PSR2.Classes.PropertyDeclaration"/>
<rule ref="PSR2.Methods.MethodDeclaration"/>
<!-- Warn against using fully-qualified class names instead of the self keyword. -->
<rule ref="Squiz.Classes.SelfMemberReference.NotUsed">
<!-- Restore default severity of 5 which WordPress-Core sets to 0. -->
<severity>5</severity>
</rule>
<rule ref="WordPress.PHP.DevelopmentFunctions"/>
<rule ref="WordPress.PHP.DiscouragedPHPFunctions"/>
<!-- Detect incorrect or risky use of the `ini_set()` function.
https://github.com/WordPress/WordPress-Coding-Standards/issues/1447 -->
<rule ref="WordPress.PHP.IniSet"/>
<!-- Discourage use of the backtick operator (execution of shell commands).
https://github.com/WordPress/WordPress-Coding-Standards/pull/646 -->
<rule ref="Generic.PHP.BacktickOperator"/>
<!-- Check for PHP Parse errors.
https://github.com/WordPress/WordPress-Coding-Standards/issues/522 -->
<rule ref="Generic.PHP.Syntax"/>
<!-- Verify some regex best practices.
https://github.com/WordPress/WordPress-Coding-Standards/issues/1371 -->
<rule ref="WordPress.PHP.PregQuoteDelimiter"/>
<!-- The Core ruleset respects the whitelist. For `Extra` the sniff is stricter.
https://github.com/WordPress/WordPress-Coding-Standards/pull/1450 -->
<rule ref="WordPress.PHP.NoSilencedErrors">
<properties>
<property name="use_default_whitelist" value="false"/>
</properties>
</rule>
<!-- Commented out code should not be committed.
https://github.com/WordPress/WordPress-Coding-Standards/pull/1463 -->
<rule ref="Squiz.PHP.CommentedOutCode">
<properties>
<!-- Changed percentage to prevent long list of errors, and instead just
give students a nudge that they are having commented out code. -->
<property name="maxPercentage" value="70" />
</properties>
</rule>
<rule ref="WordPress.Security.ValidatedSanitizedInput.InputNotValidated"/>
<!--
#############################################################################
Code style sniffs for more recent PHP features and syntaxes.
#############################################################################
-->
<!-- Check for single blank line after namespace declaration. -->
<rule ref="PSR2.Namespaces.NamespaceDeclaration"/>
<exclude-pattern>*/dev-lib/*</exclude-pattern>
<exclude-pattern>*/node_modules/*</exclude-pattern>
<exclude-pattern>*/vendor/*</exclude-pattern>
<exclude-pattern>.github/</exclude-pattern>
<exclude name="WordPress.Files.FileName.NotHyphenatedLowercase" />
<exclude name="WordPress.Files.FileName.InvalidClassFileName" />
</ruleset>