From 3d06387418da00fb9baf61f578e6d39d983ba286 Mon Sep 17 00:00:00 2001
From: Brian <brian@brianhaas.li>
Date: Sun, 1 Feb 2026 21:45:57 +0100
Subject: [PATCH 1/2] fix phpcs warning

---
 providers/class-two-factor-fido-u2f-admin-list-table.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/providers/class-two-factor-fido-u2f-admin-list-table.php b/providers/class-two-factor-fido-u2f-admin-list-table.php
index deb220cf..b63d3cf8 100644
--- a/providers/class-two-factor-fido-u2f-admin-list-table.php
+++ b/providers/class-two-factor-fido-u2f-admin-list-table.php
@@ -140,7 +140,7 @@ public function inline_edit() {
 							}
 
 							/** This action is documented in wp-admin/includes/class-wp-posts-list-table.php */
-							do_action( 'quick_edit_custom_box', $column_name, 'edit-security-keys' );
+							do_action( 'quick_edit_custom_box', $column_name, 'edit-security-keys' ); // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound
 						}
 						?>
 						<p class="inline-edit-save submit">

From 881e5da521573cc80c6edf8fbc813dcfc57ef834 Mon Sep 17 00:00:00 2001
From: Brian <brian@brianhaas.li>
Date: Sun, 1 Feb 2026 21:58:50 +0100
Subject: [PATCH 2/2] phpcs ignore

---
 class-two-factor-core.php | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/class-two-factor-core.php b/class-two-factor-core.php
index 5fed4e01..acff8e6c 100644
--- a/class-two-factor-core.php
+++ b/class-two-factor-core.php
@@ -1446,7 +1446,7 @@ public static function _login_form_validate_2fa( $user, $nonce = '', $provider =
 		if ( true !== $result ) {
 			$error = '';
 			if ( is_wp_error( $result ) ) {
-				do_action( 'wp_login_failed', $user->user_login, $result );
+				do_action( 'wp_login_failed', $user->user_login, $result ); // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound -- Core WordPress action.
 
 				$error = $result->get_error_message();
 			}
@@ -1509,7 +1509,7 @@ public static function _login_form_validate_2fa( $user, $nonce = '', $provider =
 			</div>
 			<?php
 			/** This action is documented in wp-login.php */
-			do_action( 'login_footer' );
+			do_action( 'login_footer' ); // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound -- Core WordPress action.
 			?>
 			<?php if ( $customize_login ) : ?>
 				<script type="text/javascript">setTimeout( function(){ new wp.customize.Messenger({ url: '<?php echo esc_url( wp_customize_url() ); ?>', channel: 'login' }).send('login') }, 1000 );</script>
@@ -1519,7 +1519,7 @@ public static function _login_form_validate_2fa( $user, $nonce = '', $provider =
 			return;
 		}
 
-		$redirect_to = apply_filters( 'login_redirect', $redirect_to, $redirect_to, $user );
+		$redirect_to = apply_filters( 'login_redirect', $redirect_to, $redirect_to, $user ); // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound -- Core WordPress filter.
 		wp_safe_redirect( $redirect_to );
 	}
 
@@ -1577,7 +1577,7 @@ public static function _login_form_revalidate_2fa( $nonce = '', $provider = '',
 		if ( true !== $result ) {
 			$error = '';
 			if ( is_wp_error( $result ) ) {
-				do_action( 'wp_login_failed', $user->user_login, $result );
+				do_action( 'wp_login_failed', $user->user_login, $result ); // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound -- Core WordPress action.
 
 				$error = $result->get_error_message();
 			}
@@ -1610,14 +1610,14 @@ public static function _login_form_revalidate_2fa( $nonce = '', $provider = '',
 			</div>
 			<?php
 			/** This action is documented in wp-login.php */
-			do_action( 'login_footer' );
+			do_action( 'login_footer' ); // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound -- Core WordPress action.
 			?>
 			</body></html>
 			<?php
 			return;
 		}
 
-		$redirect_to = apply_filters( 'login_redirect', $redirect_to, $redirect_to, $user );
+		$redirect_to = apply_filters( 'login_redirect', $redirect_to, $redirect_to, $user ); // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound -- Core WordPress filter.
 		wp_safe_redirect( $redirect_to );
 		return;
 	}
@@ -1939,7 +1939,7 @@ public static function user_two_factor_options( $user ) {
 		 *
 		 * @since 0.1-dev
 		 */
-		do_action( 'show_user_security_settings', $user, $providers );
+		do_action( 'show_user_security_settings', $user, $providers ); // phpcs:ignore WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedHooknameFound -- Legacy unprefixed hook.
 	}
 
 	/**