Code contributions, bug reports, and feedback are very welcome. These should be submitted through the GitHub repository. Development happens in the develop branch, and any pull requests should be made against that branch please.
- Reporting Security Issues
- Setting up Locally
- Building the Assets
- Running the Tests
- Releasing a New Version
If you discover a security issue in Query Monitor, please report it to the security program on HackerOne. Do not report security issues on GitHub or the WordPress.org support forums. Thank you.
You can clone this repo and activate it like a normal WordPress plugin, but you'll need to install the developer dependencies in order to build the assets and you'll need to have Docker Desktop installed to run the tests.
-
Install the PHP dependencies:
composer install -
Install the Node dependencies:
npm install
To compile the Sass files into CSS:
npm run build
To start the file watcher which will watch for changes and automatically compile the Sass:
npm run watch
The test suite includes acceptance tests which run in a Docker container. Ensure Docker Desktop is running, then start the containers with:
composer test:start
To run the whole test suite which includes integration tests, acceptance tests, linting, and static analysis:
composer test
To run just the integration tests:
composer test:integration
To run just the acceptance tests:
composer test:acceptance
To run just the code sniffer:
composer test:phpcs
To run just the static analysis:
composer test:phpstan
To stop the Docker containers:
composer test:stop
These are the steps to take to release a new version of Query Monitor (for contributors who have push access to the GitHub repo).
- Check the milestone on GitHub for open issues or PRs. Fix or reassign as necessary.
- If this is a non-patch release, check issues and PRs assigned to the patch or minor milestones that will get skipped. Reassign as necessary.
- Ensure you're on the
developbranch and all the changes for this release have been merged in. - Ensure both
README.mdandreadme.txtcontain up to date descriptions, "Tested up to" versions, FAQs, screenshots, etc. - Ensure
.gitattributesis up to date with all files that shouldn't be part of the build.- To do this, run
git archive --output=qm.zip HEADthen check the contents for files that shouldn't be part of the package.
- To do this, run
- Run
composer testand ensure everything passes. - Prepare a changelog for the Releases page on GitHub.
- Bump the plugin version number:
npm run bump:patchfor a patch release (1.2.3 => 1.2.4)npm run bump:minorfor a minor release (1.2.3 => 1.3.0)npm run bump:majorfor a major release (1.2.3 => 2.0.0)
git push origin develop- Wait until (and ensure that) the build passes
git checkout mastergit merge developgit push origin mastergit push origin master:release- Wait for the Build Release action to complete
- Enter the changelog into the release on GitHub and publish it.
Publishing a release on GitHub triggers an action which deploys the release to the WordPress.org Plugin Directory. No need to touch Subversion.
New milestones are automatically created for the next major, minor, and patch releases where appropriate.
- Close the milestone.
- If this is a non-patch release, manually delete any unused patch and minor milestones on GitHub.
- Check the new version has appeared on the WordPress.org plugin page (it'll take a few minutes).
- Resolve relevant threads on the plugin's support forums.
- Consume tea and cake as necessary.
Assets such as screenshots and banners are stored in the .wordpress-org directory. These get deployed as part of the automated release process too.
In order to deploy only changes to assets, push the change to the deploy branch and they will be deployed if they're the only changes in the branch since the last release. This allows for the "Tested up to" value to be bumped as well as assets to be updated in between releases.