Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Leveraging the WordPress Coding Standards to review plugins and themes

Leveraging the WordPress Coding Standards to review plugins and themes

Presented on November 25, 2017 at Wordcamp Utrecht, Utrecht, The Netherlands.
https://2017.utrecht.wordcamp.org/
---------------------------------------------------------------
In contrast to most coding standards, the WordPress Coding Standards are about so much more than just (code) style. It is about best practices, modern code, preventing conflicts with other themes and plugins and can even help safeguard you against some common security vulnerabilities.

No matter whether you are a developer or you can’t tell divs from eval’s, the WordPress Coding Standards can help you. Let me tell you how…

------------------------------------
Links mentioned in the slides:

Slide 4:
* https://github.com/WordPress-Coding-Standards/WordPress-Coding-Standards

Slide 12:
* https://github.com/jrfnl/QA-WP-Projects

Slide 13:
* http://php.net/download
* https://getcomposer.org/download/
* https://github.com/jrfnl/QA-WP-Projects

Slide 35:
* https://github.com/WordPress-Coding-Standards/WordPress-Coding-Standards/issues/1157

Juliette Reinders Folmer

November 25, 2017
Tweet

More Decks by Juliette Reinders Folmer

Other Decks in Programming

Transcript

  1. Leveraging the WordPress
    Coding Standards to Review
    Plugins and Themes

    View full-size slide

  2. Hello!
    Juliette
    Reinders Folmer
    @jrf_nl @jrfnl

    View full-size slide

  3. https://github.com/WordPress-Coding-Standards/WordPress-Coding-Standards

    View full-size slide

  4. PHP CodeSniffer
    by

    View full-size slide

  5. How It Works
    rulesets sniffs checks

    View full-size slide

  6. Code Style
    Documentation
    Code Smells
    Code Metrics
    Best
    Practices
    Code
    Compatibility

    View full-size slide

  7. Before you start:
    Basic checks
    Nikolay Bachiyski

    View full-size slide

  8. Basic Checks  Uses GitHub ? 
     Uses PHPCS and/or
    other QA tools ? 
     Has (Unit) Tests ? 

    View full-size slide

  9. Reviewing
    with
    PHP CodeSniffer
    Nikolay Bachiyski

    View full-size slide

  10. QA WP Projects
    PHP
    Compatibility
    Standard
    WordPress
    Coding
    Standards
    PHP
    Codesniffer
    PHP
    LOC
    Bonus:

    View full-size slide

  11. https://github.com/jrfnl/QA-WP-Projects

    View full-size slide

  12. PHP
    • http://php.net/download
    Composer
    • https://getcomposer.org/download/
    QA-WP-
    Projects
    • https://github.com/jrfnl/QA-WP-Projects
    • Either download the latest release as a zip or clone using git
    • Run: composer install

    View full-size slide

  13. Before Running the
    QA Test
     Download a copy of the
    plugin/theme

    View full-size slide

  14. Sizing up the codebase
    vendor/bin> phploc
    ./path/to/plugin-root/
    --exclude=tests

    View full-size slide

  15. Before Running the
    QA Test
     Download a copy of the
    plugin/theme
     Check the PHP version of the
    deployment environment
     Check Readme.txt for minimum
    supported WP version
     Check main plugin/theme file for
    the text-domain
    Header: Text Domain: my-plugin
     "Guess" the plugin/theme prefixes

    View full-size slide

  16. Running the checks
    vendor/bin> phpcs
    ./path/to/plugin-root/
    --standard=WP-QA-Basic
    --report-full --report-source --report-summary
    --basepath=./path/to/plugin-root/
    --runtime-set testVersion 5.6-
    --runtime-set minimum_supported_wp_version 4.5
    --ignore=./path/to/plugin-root/tests/
    --runtime-set text_domain plugin-slug
    --runtime-set prefixes plugin_prefix,plugin_acronym
    WP-QA-Strict

    View full-size slide

  17. Interpreting
    the Results
    Nikolay Bachiyski

    View full-size slide

  18. Dawn Armfield
    Dangerous Code

    View full-size slide

  19. pelican
    Untestable Code

    View full-size slide

  20. Outdated Code Benjamin Earwicker

    View full-size slide

  21. Ashim D'Silva
    Messy Code

    View full-size slide

  22. Incompatible Code – PHP

    View full-size slide

  23. Jenn Vargas
    Incompatible Code - WP

    View full-size slide

  24. Play4smee
    Conflicting Code (Strict)

    View full-size slide

  25. Lyn Belisle
    Potentially Insecure Code (Strict)

    View full-size slide

  26. Vera Kratochvil
    Internationalization Issues (Strict)

    View full-size slide

  27. Baydog64
    Potentially Buggy Code (Strict)

    View full-size slide

  28. jschumacher
    Sloppy Code (Strict)

    View full-size slide

  29. --ignore-annotations

    View full-size slide

  30. https://github.com/
    WordPress-Coding-Standards/
    WordPress-Coding-Standards/
    issues/1157
    WPCS native support

    View full-size slide

  31. Thanks!
    Any
    questions ?
    Slides: https://speakerdeck.com/jrf
    Code: https://github.com/jrfnl/
    qa-wp-projects
    @jrf_nl @jrfnl @jrf

    View full-size slide