WordPress/WordPress-Coding-Standards
0
0
Fork 0
mirror of https://gh.wpcy.net/https://github.com/WordPress/WordPress-Coding-Standards.git synced 2026-04-29 01:33:07 +08:00
Code Issues Projects Packages Wiki Activity Actions
WordPress-Coding-Standards/WordPress-Extra/ruleset.xml
jrfnl 769d4307b1
WordPress-Extra: demand for exit/die to always use parentheses 
_Follow up after PR 2646, pulled separately as the decision point is different._

PHPCSExtra offers two new sniffs to choose from related to whether `exit`/`die` calls should use parentheses or not.

This PR proposes to add one of these rules to WordPress-Extra, with an eye to eventually moving the rule to WordPress-Core after a Make post.

WordPress Core currently contains 395 calls to `exit`/`die`.

If we look at the metrics the new sniffs generate, the current state of WordPress-Core is inconsistent, though leans towards only requiring parentheses when parameters are passed:
```
Exit/die with parentheses:
        no                     =>  275 ( 69.62%)
        yes, with parameter(s) =>   74 ( 18.73%)
        yes                    =>   46 ( 11.65%)
        -----------------------------------------
        total                  =>  395 (100.00%)
```

Having said that, the WordPress Coding Standards handbook already contains the following rule regarding object instantiations, for which parentheses are also optional:

> When instantiating a new object instance, parenthesis must always be used, even when not strictly necessary.

Ref: https://github.com/WordPress/wpcs-docs/blob/master/wordpress-coding-standards/php.md#object-instantiation

In this commit, I propose to add a rule to demand that calls to `exit`/`die` always use parentheses.

Reasoning:
* Creates consistency with the "object instantiations" rule.
* Yes, it will cause code-churn in Core if the rule would get adopted in Core, but it will also create more consistency between calls to `exit`/`die`.
* Demanding parentheses is also in line with PERCS, which means that the rule doesn't raise the barrier to entry for new contributors to WordPress.

Having said this, I can also imagine us holding off on adding this rule to WordPress-Extra and going straight for a Make post to add the rule to WordPress-Core.
This would avoid/prevent confusion if a discussion about this on Make would yield another decision (forbid parentheses except when there are parameters).
2025-11-16 18:34:13 +01:00

214 lines
9.3 KiB
XML
Raw Permalink Blame History

<?xml version="1.0"?>
<ruleset xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="WordPress-Extra" xsi:noNamespaceSchemaLocation="https://schema.phpcodesniffer.com/phpcs.xsd">
<description>Best practices beyond core WordPress Coding Standards</description>
<rule ref="WordPress-Core"/>
<!-- Silence the "no nested dirnames, use $levels" notice, which is included in Core,
as plugin/themes may still support PHP < 7.0. -->
<rule ref="Modernize.FunctionCalls.Dirname.Nested">
<severity>0</severity>
</rule>
<!-- Generic PHP best practices.
https://github.com/WordPress/WordPress-Coding-Standards/pull/382 -->
<rule ref="Generic.PHP.DeprecatedFunctions"/>
<rule ref="Generic.PHP.ForbiddenFunctions"/>
<rule ref="Generic.CodeAnalysis.EmptyStatement"/>
<rule ref="Generic.CodeAnalysis.ForLoopShouldBeWhileLoop"/>
<rule ref="Generic.CodeAnalysis.ForLoopWithTestFunctionCall"/>
<rule ref="Generic.CodeAnalysis.JumbledIncrementer"/>
<rule ref="Generic.CodeAnalysis.UnconditionalIfStatement"/>
<rule ref="Generic.CodeAnalysis.UnnecessaryFinalModifier"/>
<rule ref="Generic.CodeAnalysis.UselessOverridingMethod"/>
<rule ref="Generic.Classes.DuplicateClassName"/>
<rule ref="Generic.Strings.UnnecessaryStringConcat">
<properties>
<property name="allowMultiline" value="true"/>
</properties>
</rule>
<rule ref="Generic.Strings.UnnecessaryHeredoc"/>
<rule ref="Generic.WhiteSpace.HereNowdocIdentifierSpacing"/>
<!-- More generic PHP best practices.
https://github.com/WordPress/WordPress-Coding-Standards/issues/607 -->
<rule ref="Squiz.PHP.NonExecutableCode"/>
<rule ref="Squiz.Operators.IncrementDecrementUsage"/>
<rule ref="Squiz.Operators.ValidLogicalOperators"/>
<rule ref="Squiz.Functions.FunctionDuplicateArgument"/>
<!-- And even more generic PHP best practices.
https://github.com/WordPress/WordPress-Coding-Standards/pull/809 -->
<rule ref="Squiz.PHP.DisallowSizeFunctionsInLoops"/>
<!-- Do not allow ambiguous conditions.
https://github.com/WordPress/WordPress-Coding-Standards/issues/2429 -->
<rule ref="Generic.CodeAnalysis.RequireExplicitBooleanOperatorPrecedence"/>
<!-- Check that functions use all parameters passed.
https://github.com/WordPress/WordPress-Coding-Standards/issues/1510 -->
<rule ref="Generic.CodeAnalysis.UnusedFunctionParameter">
<!-- Allow for callback functions which may not need all parameters passed. -->
<exclude name="Generic.CodeAnalysis.UnusedFunctionParameter.FoundBeforeLastUsed"/>
<!-- Allow for functions in extended classes/implemented interfaces. -->
<exclude name="Generic.CodeAnalysis.UnusedFunctionParameter.FoundInExtendedClass"/>
<exclude name="Generic.CodeAnalysis.UnusedFunctionParameter.FoundInExtendedClassBeforeLastUsed"/>
<exclude name="Generic.CodeAnalysis.UnusedFunctionParameter.FoundInExtendedClassAfterLastUsed"/>
<exclude name="Generic.CodeAnalysis.UnusedFunctionParameter.FoundInImplementedInterface"/>
<exclude name="Generic.CodeAnalysis.UnusedFunctionParameter.FoundInImplementedInterfaceBeforeLastUsed"/>
<exclude name="Generic.CodeAnalysis.UnusedFunctionParameter.FoundInImplementedInterfaceAfterLastUsed"/>
</rule>
<!-- Do not allow leading underscores in property or method names. Visibility should be used instead.
https://github.com/WordPress/WordPress-Coding-Standards/issues/1101 -->
<rule ref="PSR2.Classes.PropertyDeclaration.Underscore">
<severity>5</severity>
</rule>
<rule ref="PSR2.Methods.MethodDeclaration.Underscore">
<severity>5</severity>
</rule>
<!-- Warn against using fully-qualified class names instead of the self keyword. -->
<rule ref="Squiz.Classes.SelfMemberReference.NotUsed">
<!-- Restore default severity of 5 which WordPress-Core sets to 0. -->
<severity>5</severity>
</rule>
<rule ref="WordPress.Security.EscapeOutput"/>
<!-- Encourage use of wp_safe_redirect() to avoid open redirect vulnerabilities.
https://github.com/WordPress/WordPress-Coding-Standards/pull/1264 -->
<rule ref="WordPress.Security.SafeRedirect"/>
<!-- Verify that a nonce check is done before using values in superglobals.
https://github.com/WordPress/WordPress-Coding-Standards/issues/73 -->
<rule ref="WordPress.Security.NonceVerification"/>
<rule ref="WordPress.PHP.DevelopmentFunctions"/>
<rule ref="WordPress.PHP.DiscouragedPHPFunctions"/>
<rule ref="WordPress.WP.DeprecatedFunctions"/>
<rule ref="WordPress.WP.DeprecatedClasses"/>
<rule ref="WordPress.WP.DeprecatedParameters"/>
<rule ref="WordPress.WP.DeprecatedParameterValues"/>
<rule ref="WordPress.WP.AlternativeFunctions"/>
<rule ref="WordPress.WP.DiscouragedConstants"/>
<rule ref="WordPress.WP.DiscouragedFunctions"/>
<!-- Verify that capabilities are being used correctly. -->
<rule ref="WordPress.WP.Capabilities"/>
<!-- Scripts & style should be enqueued.
https://github.com/WordPress/WordPress-Coding-Standards/issues/35 -->
<rule ref="WordPress.WP.EnqueuedResources"/>
<!-- Warn against overriding WP global variables.
https://github.com/WordPress/WordPress-Coding-Standards/issues/26 -->
<rule ref="WordPress.WP.GlobalVariablesOverride"/>
<!-- Detect incorrect or risky use of the `ini_set()` function.
https://github.com/WordPress/WordPress-Coding-Standards/issues/1447 -->
<rule ref="WordPress.PHP.IniSet"/>
<!-- Check enqueue and register styles and scripts to have version and in_footer parameters explicitly set.
https://github.com/WordPress/WordPress-Coding-Standards/issues/1146 -->
<rule ref="WordPress.WP.EnqueuedResourceParameters"/>
<!-- Check for PHP Parse errors.
https://github.com/WordPress/WordPress-Coding-Standards/issues/522 -->
<rule ref="Generic.PHP.Syntax"/>
<!-- Make the translators comment check which is included in core stricter. -->
<rule ref="WordPress.WP.I18n.MissingTranslatorsComment">
<type>error</type>
</rule>
<rule ref="WordPress.WP.I18n.TranslatorsCommentWrongStyle">
<type>error</type>
</rule>
<!-- Verify that everything in the global namespace is prefixed. -->
<rule ref="WordPress.NamingConventions.PrefixAllGlobals"/>
<!-- Validates post type slugs for valid characters, length and reserved keywords. -->
<rule ref="WordPress.NamingConventions.ValidPostTypeSlug"/>
<!-- https://github.com/WordPress/WordPress-Coding-Standards/issues/1157 -->
<rule ref="WordPress.Security.PluginMenuSlug"/>
<rule ref="WordPress.WP.CronInterval"/>
<rule ref="WordPress.WP.PostsPerPage"/>
<!-- Verify some regex best practices.
https://github.com/WordPress/WordPress-Coding-Standards/issues/1371 -->
<rule ref="WordPress.PHP.PregQuoteDelimiter"/>
<!-- The Core ruleset respects the PHP allowed functions list. For `Extra` the sniff is stricter.
https://github.com/WordPress/WordPress-Coding-Standards/pull/1450 -->
<rule ref="WordPress.PHP.NoSilencedErrors">
<properties>
<property name="usePHPFunctionsList" value="false"/>
</properties>
</rule>
<!-- Commented out code should not be committed.
https://github.com/WordPress/WordPress-Coding-Standards/pull/1463 -->
<rule ref="Squiz.PHP.CommentedOutCode">
<properties>
<property name="maxPercentage" value="40"/>
</properties>
</rule>
<!-- Prevent some typical mistakes people make accidentally.
https://github.com/WordPress/WordPress-Coding-Standards/pull/1777 -->
<rule ref="WordPress.CodeAnalysis.EscapedNotTranslated"/>
<!-- Detects duplicate array keys in array declarations. -->
<rule ref="Universal.Arrays.DuplicateArrayKey"/>
<!-- Disallows return type declarations on constructor/destructor methods,
and constructor/destructor methods returning a value. -->
<rule ref="Universal.CodeAnalysis.ConstructorDestructorReturn"/>
<!-- Detects foreach control structures using the same variable for both key and value. -->
<rule ref="Universal.CodeAnalysis.ForeachUniqueAssignment"/>
<!-- Detects using static instead of self in object-oriented constructs which are final. -->
<rule ref="Universal.CodeAnalysis.StaticInFinalClass"/>
<!-- Disallow if statements, if they are the only statement in an else block. -->
<rule ref="Universal.ControlStructures.DisallowLonelyIf"/>
<!-- Enforce for a file to either declare (global/namespaced) functions
or declare object-oriented structures, but not both. -->
<rule ref="Universal.Files.SeparateFunctionsFromOO"/>
<!-- Detect useless "echo sprintf(...)". -->
<rule ref="Universal.CodeAnalysis.NoEchoSprintf"/>
<!-- Detect use of double negative `!!`. -->
<rule ref="Universal.CodeAnalysis.NoDoubleNegative"/>
<!-- Flags calls to get_*_meta() and get_metadata*() functions
that include the $[meta_]key parameter but omit the $single parameter.
https://github.com/WordPress/WordPress-Coding-Standards/issues/2459 -->
<rule ref="WordPress.WP.GetMetaSingle"/>
<!--
#############################################################################
Code style sniffs for more recent PHP features and syntaxes.
#############################################################################
-->
<!-- Check for single blank line after namespace declaration. -->
<rule ref="PSR2.Namespaces.NamespaceDeclaration"/>
<!-- Do not allow spacing inside the brackets for attributes. -->
<rule ref="Universal.Attributes.BracketSpacing"/>
<!-- Forbid parentheses for attribute instantiations without parameters. -->
<rule ref="Universal.Attributes.DisallowAttributeParentheses"/>
<!-- Require parentheses when calling exit/die. -->
<rule ref="Universal.PHP.RequireExitDieParentheses"/>
</ruleset>
Reference in a new issue View git blame Copy permalink