[wp-trac] [WordPress Trac] #44058: Include security sniffs in PHPCS ruleset
WordPress Trac
noreply at wordpress.org
Wed May 16 18:31:10 UTC 2018
#44058: Include security sniffs in PHPCS ruleset
-------------------------+-------------------------------
Reporter: iandunn | Owner: (none)
Type: enhancement | Status: new
Priority: normal | Milestone: Future Release
Component: Security | Version:
Severity: normal | Resolution:
Keywords: | Focuses: coding-standards
-------------------------+-------------------------------
Changes (by iandunn):
* keywords: needs-patch =>
Comment:
Thanks for the background info Juliette! I agree on both !#1 and !#2.
Assuming !#2 doesn't change, though, I'm guessing it'd be relatively easy
to make the XSS sniff ignore translated strings? That should cut the
`5500` number down quite a bit. If it ''does'' change, then I'm assuming
`phpcbf` could fix them automatically.
I don't think adding a bunch of new errors is necessarily a big deal,
though, since it's easy to [https://make.wordpress.org/core/handbook/best-
practices/commit-messages/#before-a-commit filter the phpcs report to
only the lines that were modified] while working on a patch. Then, we
could clean up errors in old code as a dedicated task, without it getting
in the way of new work.
What do you think?
--
Ticket URL: <https://core.trac.wordpress.org/ticket/44058#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list