-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathphpcs.xml
More file actions
143 lines (117 loc) · 6.08 KB
/
phpcs.xml
File metadata and controls
143 lines (117 loc) · 6.08 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
<?xml version="1.0"?>
<ruleset xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="Jetonomy" xsi:noNamespaceSchemaLocation="vendor/squizlabs/php_codesniffer/phpcs.xsd">
<description>Jetonomy WPCS ruleset — extends WordPress with PHP 8.1+ allowances.</description>
<file>includes/</file>
<file>templates/</file>
<arg name="extensions" value="php"/>
<arg name="colors"/>
<arg value="sp"/>
<rule ref="WordPress">
<!-- PHP 8.1+ syntax allowances. -->
<exclude name="Universal.Arrays.DisallowShortArraySyntax"/>
<exclude name="Universal.Operators.DisallowShortTernary"/>
<!-- Namespaced plugin — template variables are not true globals. -->
<exclude name="WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedVariableFound"/>
<exclude name="WordPress.WP.GlobalVariablesOverride.Prohibited"/>
<!-- DB queries use $wpdb->prepare() — table name interpolation is safe. -->
<exclude name="WordPress.DB.DirectDatabaseQuery.DirectQuery"/>
<exclude name="WordPress.DB.DirectDatabaseQuery.NoCaching"/>
<exclude name="WordPress.DB.PreparedSQL.InterpolatedNotPrepared"/>
<exclude name="WordPress.DB.PreparedSQL.NotPrepared"/>
<exclude name="WordPress.DB.SlowDBQuery.slow_db_query_meta_key"/>
<exclude name="WordPress.DB.SlowDBQuery.slow_db_query_meta_value"/>
<!-- Comment style — not a release blocker. -->
<exclude name="Squiz.Commenting.FunctionComment.Missing"/>
<exclude name="Squiz.Commenting.FunctionComment.MissingParamTag"/>
<exclude name="Squiz.Commenting.FunctionComment.MissingParamComment"/>
<exclude name="Squiz.Commenting.FunctionComment.WrongStyle"/>
<exclude name="Squiz.Commenting.FunctionComment.ParamCommentFullStop"/>
<exclude name="Squiz.Commenting.ClassComment.Missing"/>
<exclude name="Squiz.Commenting.InlineComment.InvalidEndChar"/>
<exclude name="Squiz.Commenting.VariableComment.Missing"/>
<exclude name="Squiz.Commenting.BlockComment.CloserSameLine"/>
<exclude name="Squiz.Commenting.FileComment.Missing"/>
<exclude name="Squiz.Commenting.FileComment.MissingPackageTag"/>
<exclude name="Squiz.Commenting.FileComment.SpacingAfterComment"/>
<exclude name="Generic.Commenting.DocComment.MissingShort"/>
<!-- i18n — translators comments not critical for v1. -->
<exclude name="WordPress.WP.I18n.MissingTranslatorsComment"/>
<!-- PSR-4 namespaced class filenames are valid. -->
<exclude name="WordPress.Files.FileName.InvalidClassFileName"/>
<!-- Hook callbacks require specific signatures — unused params are expected. -->
<exclude name="Generic.CodeAnalysis.UnusedFunctionParameter.Found"/>
<exclude name="Generic.CodeAnalysis.UnusedFunctionParameter.FoundAfterLastUsed"/>
<exclude name="Generic.CodeAnalysis.UnusedFunctionParameter.FoundInExtendedClassAfterLastUsed"/>
<!-- Yoda conditions — style preference, not a bug. -->
<exclude name="WordPress.PHP.YodaConditions.NotYoda"/>
<!-- REST callbacks validate via permission_callback — nonce not always needed. -->
<exclude name="WordPress.Security.NonceVerification.Recommended"/>
<exclude name="WordPress.Security.NonceVerification.Missing"/>
<!-- Input handling — REST params are validated via schema, not $_POST/$_GET. -->
<exclude name="WordPress.Security.ValidatedSanitizedInput.MissingUnslash"/>
<exclude name="WordPress.Security.ValidatedSanitizedInput.InputNotSanitized"/>
<!-- Silenced errors — imap/regex with user patterns. -->
<exclude name="WordPress.PHP.NoSilencedErrors.Discouraged"/>
<!-- PSR-4 class filenames are valid. -->
<exclude name="WordPress.Files.FileName.InvalidClassFileName"/>
<exclude name="WordPress.Files.FileName.NotHyphenatedLowercase"/>
<!-- Reserved keyword params from WP core signatures. -->
<exclude name="Universal.NamingConventions.NoReservedKeywordParameterNames"/>
<!-- Template output is escaped at render — admin views use WP table helpers. -->
<exclude name="WordPress.Security.EscapeOutput.OutputNotEscaped"/>
<!-- Schema changes are intentional (dbDelta). -->
<exclude name="WordPress.DB.DirectDatabaseQuery.SchemaChange"/>
<!-- Prepare placeholder count — false positives with dynamic IN() clauses. -->
<exclude name="WordPress.DB.PreparedSQLPlaceholders.ReplacementsWrongNumber"/>
<exclude name="WordPress.DB.PreparedSQLPlaceholders.UnfinishedPrepare"/>
<!-- extract() used in template loading — controlled input. -->
<exclude name="WordPress.PHP.DontExtract.extract_extract"/>
<!-- Minor style issues. -->
<exclude name="Generic.Strings.UnnecessaryStringConcat.Found"/>
<exclude name="Squiz.PHP.CommentedOutCode.Found"/>
<exclude name="Universal.ControlStructures.DisallowLonelyIf.Found"/>
<exclude name="Generic.Commenting.DocComment.ShortNotCapital"/>
</rule>
<!-- Namespaced plugin prefixes. -->
<rule ref="WordPress.NamingConventions.PrefixAllGlobals">
<properties>
<property name="prefixes" type="array">
<element value="jetonomy"/>
<element value="Jetonomy"/>
<element value="JETONOMY"/>
</property>
</properties>
</rule>
<!-- Text domain for i18n. -->
<rule ref="WordPress.WP.I18n">
<properties>
<property name="text_domain" type="array">
<element value="jetonomy"/>
</property>
</properties>
</rule>
<!-- Custom capabilities. -->
<rule ref="WordPress.WP.Capabilities">
<properties>
<property name="custom_capabilities" type="array">
<element value="jetonomy_manage_spaces"/>
<element value="jetonomy_manage_categories"/>
<element value="jetonomy_moderate_content"/>
<element value="jetonomy_moderate"/>
<element value="jetonomy_create_spaces"/>
<element value="jetonomy_create_posts"/>
<element value="jetonomy_view_content"/>
<element value="jetonomy_ban_users"/>
<element value="jetonomy_manage_users"/>
<element value="jetonomy_manage_settings"/>
<element value="jetonomy_view_analytics"/>
<element value="jetonomy_vote"/>
</property>
</properties>
</rule>
<!-- Exclude non-source directories. -->
<exclude-pattern>includes/qa/*</exclude-pattern>
<exclude-pattern>vendor/*</exclude-pattern>
<exclude-pattern>node_modules/*</exclude-pattern>
<exclude-pattern>assets/*</exclude-pattern>
</ruleset>