Skip to content

Re-categorize sniffs in the VIP folder#344

Merged
rebeccahum merged 2 commits intomasterfrom
rebecca/re-categorize
Jan 14, 2019
Merged

Re-categorize sniffs in the VIP folder#344
rebeccahum merged 2 commits intomasterfrom
rebecca/re-categorize

Conversation

@rebeccahum
Copy link
Contributor

@rebeccahum rebeccahum commented Jan 11, 2019
edited
Loading

Fixes #241. This PR moves a bunch of sniffs into new categories like so:

VIP —> Compatibility

  • Robotstxt

Plugin —> Compatibility

  • Zoninator

VIP —> Functions

  • RestrictedFunctions

Actions —> Hooks

  • PreGetPosts

Cache —> Performance

  • BatcacheWhitelistedParameters
  • CacheValueOverride
  • LowExpiryCacheTime

VIP —> Performance

  • FetchingRemoteData
  • NoPaging
  • OrderByRand
  • RegexpCompare
  • RemoteRequestTimeout
  • TaxonomyMetaInOptions
  • WPQueryParams

VIP —> Security

  • EscapingVoidReturnFunctions
  • ExitAfterRedirect
  • PHPFilterFunctions
  • ProperEscapingFunction
  • StaticStrreplace

TemplatingEngine —> Security

  • Mustache
  • Twig
  • Underscorejs
  • Vuejs

VIP —> UserExperience

  • AdminBarRemoval

VIP —> Variables

  • RestrictedVariables

Other things included in this PR:

  • Renamed ConstantRestrictions to RestrictedConstants
  • Renamed AlwaysReturn to AlwaysReturnInFilter
  • Moved CreateFunctions into RestrictedFunctions
  • Improve RestrictedFunctionsSniff by adding a check to ensure that a bracket proceeds the function.
  • Renamed Mustache, Twig, Underscorejs and Vuejs by removing the UnescapedOutput prefix

@rebeccahum
Get rid of the VIP folder through re-categorizing and re-naming sniff…
185219c 
…s and add logic in RestrictedFunctionsSniff to check that it's actually a function we're looking for
@rebeccahum rebeccahum requested a review from GaryJones January 11, 2019 22:10
GaryJones
GaryJones requested changes Jan 11, 2019
View reviewed changes
Copy link
Contributor

@GaryJones GaryJones left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Awesome work - only a few minor amendments, then looks good to go.

Local composer test passes fine.

Will need a big update to the audit (which I can handle)!

WordPress-VIP-Go/ruleset.xml Outdated
<message>Having more than 100 posts returned per page can lead to severe performance problems.</message>
</rule>
<rule ref="WordPressVIPMinimum.Filters.RestrictedHook.UploadMimes">
<rule ref="WordPressVIPMinimum.Hooks.RestrictedHook.UploadMimes">

This comment was marked as resolved.

Sign in to view

WordPressVIPMinimum/Sniffs/Functions/RestrictedFunctionsSniff.php Outdated
'get_children',
],
],
'deprecated' => [
Copy link
Contributor

@GaryJones GaryJones Jan 11, 2019
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This check for create_function is tipping into PHPCompatibility territory (as was the previous sniff).

However, thinking ahead, if function x() got deprecated in PHP 7.3, then we'd either have to generalise the message to not contain the version, or add in another deprecated (but with a different name) category.

There are lots of deprecations in PHP 7.2 - so why does this one get special treatment?

Copy link
Contributor Author

@rebeccahum rebeccahum Jan 11, 2019
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm thinking that it gets special treatment because of: https://vip.wordpress.com/documentation/vip-go/code-review-blockers-warnings-notices/#eval-and-create_function
I'll update the error message to match Squiz.PHP.Eval.Discouraged also with a notification that it's deprecated.

Copy link
Contributor

@GaryJones GaryJones Jan 14, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fair point @rebeccahum.

@tessaneedham Do you know why create_function gets attention in the Docs, yet none of the other deprecations for 7.2 get mentioned?

Could it be generalised to advise that any PHP-level deprecated functions should be avoided (PHPCS warning or error)?

WordPressVIPMinimum/Sniffs/Hooks/RestrictedHookSniff.php
namespace WordPressVIPMinimum\Sniffs\Hooks;

use WordPress\AbstractFunctionParameterSniff;

This comment was marked as resolved.

Sign in to view

WordPressVIPMinimum/Tests/Constants/ConstantRestrictionsUnitTest.php
@@ -14,7 +14,7 @@
*

This comment was marked as resolved.

Sign in to view

ruleset_test.inc Outdated
@file_get_contents( $foo ); // Error + Warning.

// WordPressVIPMinimum.VIP.RegexpCompare + WordPress.VIP.SlowDBQuery
// WordPressVIPMinimum.Performance.RegexpCompare + WordPress.VIP.SlowDBQuery

This comment was marked as resolved.

Sign in to view

@GaryJones GaryJones added this to the 0.5.0 milestone Jan 11, 2019
@rebeccahum
Change RestrictedHook to RestrictedHooks, change create_function erro…
3c7bc0c 
…r messsage, rename ConstantRestrictions and fix references of WordPress.VIP
@rebeccahum rebeccahum merged commit 920ee7c into master Jan 14, 2019
@GaryJones
Copy link
Contributor

GaryJones commented Jan 15, 2019

Audit has now been done.

@GaryJones GaryJones deleted the rebecca/re-categorize branch January 15, 2019 15:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@GaryJones GaryJones GaryJones approved these changes

Assignees

@rebeccahum rebeccahum

Labels

Type: Maintenance

Projects

None yet

Milestone

1.0.0

Development

Successfully merging this pull request may close these issues.

Recategorize sniffs currently in "VIP" folder

2 participants

@rebeccahum @GaryJones