-
-
Notifications
You must be signed in to change notification settings - Fork 494
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Release WordPressCS 3.1.0 #2439
Conversation
This commit adds an initial Dependabot configuration to: * Submit pull requests for security updates and version updates for GH Action runner dependencies. At a later point in time, we could consider enabling it for Composer dependencies as well. The configuration has been set up to: * Run weekly (for now). * Submit a maximum of 5 pull requests at a time. If additional pull requests are needed, these will subsequently be submitted the next time Dependabot runs after one or more of the open pull requests have been merged. * The commit messages for PRs submitted by Dependabot will be prefixed according the unofficial conventions used in this repo up to now. * The PRs will automatically be labelled with an appropriate label as already in use in this repo. Refs: * https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file * https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#versioning-strategy
…-for-ghactions
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
Fix the release date in the changelog
…ions/checkout-4
The posts per page sniff should bail out early if empty string is passed as a value. The tests were added for both posts per page sniff and slow db query sniff, to check if empty string is passed as a value. In the case of SlowDBQuery the sniff should flag cases where there is and isn't a value passed, as that sniff will always flag whenever meta_key and meta_value are used in a query.
Add defensive coding in posts per page sniff
Just noticed this didn't display as intended.
Looks like this one was missed in previous update rounds (not that it is a valid URL anyway.
* Update a URL which is no longer valid. * Ensure all steps have a name.
... which is expected later today. * Builds against PHP 8.3 are no longer allowed to fail. * Add _allowed to fail_ build against PHP 8.4.
…it-update-list IsUnitTestTrait: add new testcase as introduced in WP Core
Ruleset: update a URL
GH Actions: minor tweaks
GH Actions: update for the release of PHP 8.3
PHPCSExtra 1.2.0 was released yesterday and contains two new sniffs which IMO would be suitable for adding to WordPressCS. Includes raising the minimum supported PHPCSExtra version. (will conflict with PR 2408 and will need rebase depending on which is merged first) Ref: * https://github.com/PHPCSStandards/PHPCSExtra/releases/tag/1.2.0
The WP PHP Open Collective, aside from the name conveying the completely wrong message, has so far not been in touch with us about how funds can be released or anything else. This seems like a dead-end. Switching to the PHP_CodeSniffer Open Collective makes more sense (to me). Happy to have a discussion about this.
Use two new sniffs from PHPCSExtra 1.2.0
The path of the test case file used in the example of how to generate the list of expected lines with errors is wrong. This commit fixes it. I believe it was changed by mistake in 4a33d46#diff-98e64bc1cd2db9333c6effe87bbe0d6dfe8714aba4c6bde45aa037fe0796e44cR141. If we want to keep the current path for some reason, we might want to change the part that says "from the root directory of your WordPressCS clone".
... caused by improved, but not 100% correct, type information coming from PHPCSUtils. This incorrect type info will be fixed in the next version of PHPCSUtils.
Update funding information
PHPStan: ignore two new issues
The Squizlabs repo has been abandoned. The project continues in a fork in the PHPCSStandards organisation. Ref: * squizlabs/PHP_CodeSniffer 3932
In contrast to earlier information, arrangements are now being made to allow the package to continue under its original name on Packagist. The commit (in the new repo) to rename the package [has been reverted](PHPCSStandards/PHP_CodeSniffer#135).
... for improved PHP 8.2 support.
... after the tooling has also updated to the PHPCSStandards version of PHPCS. Refs: * https://github.com/PHPCSStandards/PHPCSUtils/releases * https://github.com/PHPCSStandards/PHPCSExtra/releases
This new PHPCS 3.9.0 sniff will flag code which contains a `||` and a `&&` operator in the same condition and their precedence is not clarified via parenthesis. This should allow for users of WPCS to find/prevent some bugs in code. I'd personally would **_highly_** recommend for WP Core to also use this sniff, but I suspect that will need due discussion/Make post/handbook change. Note: running this sniff on WP Core as-is, would (to my surprise) not actually trigger any new errors. Includes updating a code snippet in the Ruleset test to comply.
Upstream a PR is open - and will be merged soon - to change the protection against the `Squiz` sniff, which this sniff extends, handling operators found in `declare()` statements. In particular, the PR is about how the sniff handles parse errors/live coding for declare statements. As the WPCS sniff calls the parent `register()` method and falls through to the parent `process()` method, the WPCS sniff should automatically get that extra protection too. This commit just adds an extra test to the `WordPress.WhiteSpace.OperatorSpacing` to safeguard things.
Extra: do not allow ambiguous conditions (needs PHPCS 3.9.0)
…with-upstream-289 WhiteSpace/OperatorSpacing: add extra test
Bumps [mondeja/remove-labels-gh-action](https://github.com/mondeja/remove-labels-gh-action) from 1 to 2. - [Release notes](https://github.com/mondeja/remove-labels-gh-action/releases) - [Commits](mondeja/remove-labels-gh-action@v1...v2) --- updated-dependencies: - dependency-name: mondeja/remove-labels-gh-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
PHPCSUtils 1.0.10 has been released, which fixes two false positives, meaning these ignore annotations can now be removed (as per the inline comments). Ref: https://github.com/PHPCSStandards/PHPCSUtils/releases/tag/1.0.10
PHPStan config: update for release of PHPCSUtils 1.0.10
…deja/remove-labels-gh-action-2 GH Actions: Bump mondeja/remove-labels-gh-action from 1 to 2
…n WP 6.5-RC3 Based on a scan of WP Core at commit WordPress/wordpress-develop@3595704 using a preliminary sniff created for issue 1803.
…ist based on WP 6.5-RC3 Based on a scan of WP Core at commit WordPress/wordpress-develop@3595704 using a preliminary sniff created for issue 1803.
Based on a scan of WP Core at commit WordPress/wordpress-develop@3595704 using a preliminary sniff created for issue 1803.
Based on a scan of WP Core at commit WordPress/wordpress-develop@3595704 using a preliminary sniff created for issue 1803. Includes tests.
Based on a scan of WP Core at commit WordPress/wordpress-develop@3595704 using a preliminary sniff created for issue 1803. Includes tests.
The minimum version should be three versions behind the latest WP release, so what with 6.5 being in RC, to be released on next week, it should now become 6.2. Includes updating the tests to match. Previous: 2121, 2321
Nothing major in the 1.0.10 release, but updating the requirement prevents us having to deal with invalid bug reports when people would already be running WPCS against PHP 8.4, as two issues related to a PHP 8.4 deprecation have been fixed. Ref: https://github.com/PHPCSStandards/PHPCSUtils/releases/tag/1.0.10
…ffs-wp-6.5 Update list based sniffs for WP 6.5
…utils Composer: raise the minimum supported PHPCSUtils version to 1.0.10
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Target release date: Monday March 22, 2024.
I'm guessing this is a typo and should be Monday March 25, 2024?
Correct. Glad to see I didn't make the typo in the actual changelog 😁 |
Changelog for the release of WordPressCS 3.1.0
Core ticket: https://core.trac.wordpress.org/ticket/60840 |
Release tweet: https://twitter.com/jrf_nl/status/1772308372349440306 |
Please do add approvals if you agree as otherwise we won't be able to release.
PR for tracking changes for the 3.1.0 release. Target release date: Monday March 25, 2024.
Release checklist
General
composer.json
- PR Composer: raise the minimum supported PHPCSUtils version to 1.0.10 #2437MinimumWPVersionTrait::$default_minimum_wp_version
and if so, action it - PR Update list based sniffs for WP 6.5 #2436✏️ Make sure the "last updated" annotation in the docblocks for these lists has also been updated!
List based sniffs:
WordPress.WP.ClassNameCase
- PR Update list based sniffs for WP 6.5 #2436WordPress.WP.DeprecatedClasses
- PR Update list based sniffs for WP 6.5 #2436WordPress.WP.DeprecatedFunctions
- PR Update list based sniffs for WP 6.5 #2436WordPress.WP.DeprecatedParameters
- N/AWordPress.WP.DeprecatedParameterValues
- N/A$allowed_core_constants
inWordPress.NamingConventions.PrefixAllGlobals
- N/A$pluggable_functions
inWordPress.NamingConventions.PrefixAllGlobals
- PR Update list based sniffs for WP 6.5 #2436$pluggable_classes
inWordPress.NamingConventions.PrefixAllGlobals
- N/A$target_functions
inWordPress.Security.PluginMenuSlug
- N/A$reserved_names
inWordPress.NamingConventions.ValidPostTypeSlug
- PR Update list based sniffs for WP 6.5 #2436$wp_time_constants
inWordPress.WP.CronInterval
- N/A$known_test_classes
inIsUnitTestTrait
- PR IsUnitTestTrait: add new testcase as introduced in WP Core #2407Release prep
✏️ Remember to add a release link at the bottom!
README
(if applicable) - N/ARelease
main
(careful, GH defaults todevelop
!) & copy & paste the changelog to it.✏️ Check if anything from the link collection at the bottom of the changelog needs to be copied in!
develop
to be equal tomain
.After release
Publicize