Release WordPressCS 3.1.0 #2439
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This commit adds an initial Dependabot configuration to:
* Submit pull requests for security updates and version updates for GH Action runner dependencies.
At a later point in time, we could consider enabling it for Composer dependencies as well.
The configuration has been set up to:
* Run weekly (for now).
* Submit a maximum of 5 pull requests at a time.
If additional pull requests are needed, these will subsequently be submitted the next time Dependabot runs after one or more of the open pull requests have been merged.
* The commit messages for PRs submitted by Dependabot will be prefixed according the unofficial conventions used in this repo up to now.
* The PRs will automatically be labelled with an appropriate label as already in use in this repo.
Refs:
* https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
* https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#versioning-strategy
…-for-ghactions
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Fix the release date in the changelog
…ions/checkout-4
The posts per page sniff should bail out early if empty string is passed as a value. The tests were added for both posts per page sniff and slow db query sniff, to check if empty string is passed as a value. In the case of SlowDBQuery the sniff should flag cases where there is and isn't a value passed, as that sniff will always flag whenever meta_key and meta_value are used in a query.
Add defensive coding in posts per page sniff
Just noticed this didn't display as intended.
Looks like this one was missed in previous update rounds (not that it is a valid URL anyway.
* Update a URL which is no longer valid. * Ensure all steps have a name.
... which is expected later today. * Builds against PHP 8.3 are no longer allowed to fail. * Add _allowed to fail_ build against PHP 8.4.
…it-update-list IsUnitTestTrait: add new testcase as introduced in WP Core
Ruleset: update a URL
GH Actions: minor tweaks
GH Actions: update for the release of PHP 8.3
PHPCSExtra 1.2.0 was released yesterday and contains two new sniffs which IMO would be suitable for adding to WordPressCS. Includes raising the minimum supported PHPCSExtra version. (will conflict with PR 2408 and will need rebase depending on which is merged first) Ref: * https://github.com/PHPCSStandards/PHPCSExtra/releases/tag/1.2.0
The WP PHP Open Collective, aside from the name conveying the completely wrong message, has so far not been in touch with us about how funds can be released or anything else. This seems like a dead-end. Switching to the PHP_CodeSniffer Open Collective makes more sense (to me). Happy to have a discussion about this.
Use two new sniffs from PHPCSExtra 1.2.0
The path of the test case file used in the example of how to generate the list of expected lines with errors is wrong. This commit fixes it. I believe it was changed by mistake in 4a33d46#diff-98e64bc1cd2db9333c6effe87bbe0d6dfe8714aba4c6bde45aa037fe0796e44cR141. If we want to keep the current path for some reason, we might want to change the part that says "from the root directory of your WordPressCS clone".
... caused by improved, but not 100% correct, type information coming from PHPCSUtils. This incorrect type info will be fixed in the next version of PHPCSUtils.
Update funding information
PHPStan: ignore two new issues
The Squizlabs repo has been abandoned. The project continues in a fork in the PHPCSStandards organisation. Ref: * squizlabs/PHP_CodeSniffer 3932
In contrast to earlier information, arrangements are now being made to allow the package to continue under its original name on Packagist. The commit (in the new repo) to rename the package [has been reverted](PHPCSStandards/PHP_CodeSniffer#135).
... for improved PHP 8.2 support.
... after the tooling has also updated to the PHPCSStandards version of PHPCS. Refs: * https://github.com/PHPCSStandards/PHPCSUtils/releases * https://github.com/PHPCSStandards/PHPCSExtra/releases
This new PHPCS 3.9.0 sniff will flag code which contains a `||` and a `&&` operator in the same condition and their precedence is not clarified via parenthesis. This should allow for users of WPCS to find/prevent some bugs in code. I'd personally would **_highly_** recommend for WP Core to also use this sniff, but I suspect that will need due discussion/Make post/handbook change. Note: running this sniff on WP Core as-is, would (to my surprise) not actually trigger any new errors. Includes updating a code snippet in the Ruleset test to comply.
Upstream a PR is open - and will be merged soon - to change the protection against the `Squiz` sniff, which this sniff extends, handling operators found in `declare()` statements. In particular, the PR is about how the sniff handles parse errors/live coding for declare statements. As the WPCS sniff calls the parent `register()` method and falls through to the parent `process()` method, the WPCS sniff should automatically get that extra protection too. This commit just adds an extra test to the `WordPress.WhiteSpace.OperatorSpacing` to safeguard things.
Extra: do not allow ambiguous conditions (needs PHPCS 3.9.0)
…with-upstream-289 WhiteSpace/OperatorSpacing: add extra test
Bumps [mondeja/remove-labels-gh-action](https://github.com/mondeja/remove-labels-gh-action) from 1 to 2. - [Release notes](https://github.com/mondeja/remove-labels-gh-action/releases) - [Commits](mondeja/remove-labels-gh-action@v1...v2) --- updated-dependencies: - dependency-name: mondeja/remove-labels-gh-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
PHPCSUtils 1.0.10 has been released, which fixes two false positives, meaning these ignore annotations can now be removed (as per the inline comments). Ref: https://github.com/PHPCSStandards/PHPCSUtils/releases/tag/1.0.10
PHPStan config: update for release of PHPCSUtils 1.0.10
…deja/remove-labels-gh-action-2 GH Actions: Bump mondeja/remove-labels-gh-action from 1 to 2
…n WP 6.5-RC3 Based on a scan of WP Core at commit WordPress/wordpress-develop@3595704 using a preliminary sniff created for issue 1803.
…ist based on WP 6.5-RC3 Based on a scan of WP Core at commit WordPress/wordpress-develop@3595704 using a preliminary sniff created for issue 1803.
Based on a scan of WP Core at commit WordPress/wordpress-develop@3595704 using a preliminary sniff created for issue 1803.
Based on a scan of WP Core at commit WordPress/wordpress-develop@3595704 using a preliminary sniff created for issue 1803. Includes tests.
Based on a scan of WP Core at commit WordPress/wordpress-develop@3595704 using a preliminary sniff created for issue 1803. Includes tests.
The minimum version should be three versions behind the latest WP release, so what with 6.5 being in RC, to be released on next week, it should now become 6.2. Includes updating the tests to match. Previous: 2121, 2321
Nothing major in the 1.0.10 release, but updating the requirement prevents us having to deal with invalid bug reports when people would already be running WPCS against PHP 8.4, as two issues related to a PHP 8.4 deprecation have been fixed. Ref: https://github.com/PHPCSStandards/PHPCSUtils/releases/tag/1.0.10
…ffs-wp-6.5 Update list based sniffs for WP 6.5
…utils Composer: raise the minimum supported PHPCSUtils version to 1.0.10
GaryJones
approved these changes
Mar 22, 2024
dingo-d
approved these changes
Mar 24, 2024
Correct. Glad to see I didn't make the typo in the actual changelog 😁 |
Changelog for the release of WordPressCS 3.1.0
|
Core ticket: https://core.trac.wordpress.org/ticket/60840 |
|
Release tweet: https://twitter.com/jrf_nl/status/1772308372349440306 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Please do add approvals if you agree as otherwise we won't be able to release.
PR for tracking changes for the 3.1.0 release. Target release date: Monday March 25, 2024.
Release checklist
General
composer.json- PR Composer: raise the minimum supported PHPCSUtils version to 1.0.10 #2437MinimumWPVersionTrait::$default_minimum_wp_versionand if so, action it - PR Update list based sniffs for WP 6.5 #2436✏️ Make sure the "last updated" annotation in the docblocks for these lists has also been updated!
List based sniffs:
WordPress.WP.ClassNameCase- PR Update list based sniffs for WP 6.5 #2436WordPress.WP.DeprecatedClasses- PR Update list based sniffs for WP 6.5 #2436WordPress.WP.DeprecatedFunctions- PR Update list based sniffs for WP 6.5 #2436WordPress.WP.DeprecatedParameters- N/AWordPress.WP.DeprecatedParameterValues- N/A$allowed_core_constantsinWordPress.NamingConventions.PrefixAllGlobals- N/A$pluggable_functionsinWordPress.NamingConventions.PrefixAllGlobals- PR Update list based sniffs for WP 6.5 #2436$pluggable_classesinWordPress.NamingConventions.PrefixAllGlobals- N/A$target_functionsinWordPress.Security.PluginMenuSlug- N/A$reserved_namesinWordPress.NamingConventions.ValidPostTypeSlug- PR Update list based sniffs for WP 6.5 #2436$wp_time_constantsinWordPress.WP.CronInterval- N/A$known_test_classesinIsUnitTestTrait- PR IsUnitTestTrait: add new testcase as introduced in WP Core #2407Release prep
✏️ Remember to add a release link at the bottom!
README(if applicable) - N/ARelease
main(careful, GH defaults todevelop!) & copy & paste the changelog to it.✏️ Check if anything from the link collection at the bottom of the changelog needs to be copied in!
developto be equal tomain.After release
Publicize