Releases: WordPress/plugin-check
Releases · WordPress/plugin-check
1.3.0
- Enhancement - Update disallowed domains for Plugin URI check.
- Enhancement - Added new checks for Plugin Header fields: missing plugin description, missing plugin version and invalid plugin version.
- Enhancement - New check for validation of donate link in the readme file.
- Enhancement - Increased severity for wrong Plugin Requires.
- Enhancement - Added check Restrict parse_str() without second argument.
- Enhancement - New check for Disallow usage of HEREDOC and NOWDOC.
- Enhancement - Added acronyms allowed in Trademark checks.
- Enhancement - Added option in CLI to add low severity errors and warnings.
- Enhancement - Change error type for License check error codes.
- Enhancement - Always use prefixed tables during runtime check requests.
- Enhancement - Created a new class for checking licenses.
- Enhancement - Added support for MPL-2.0 license.
- Enhancement - Implement gherkin linter in GH action.
- Enhancement - Update check for Contributors in markdown readme files.
- Enhancement - CLI: Fix confusing runtime environment setup order.
- Enhancement - Allow custom checks to provide installed_paths.
- Enhancement - Improved the use of localhost URLs in the Plugin.
- Enhancement - Documented checks in the plugin.
- Enhancement - Increased severity for Code obfuscation checks.
- Enhancement - Diffentiate between no existent readme and default readme file.
- Enhancement - Encourage developers to use native functions for loading images in templates.
- Enhancement - Added a check for not allowing include libraries already in WordPress core.
- Enhancement - Warning for usage of query_posts() in favor of WP_Query.
- Fix - Fix for the local environment is set up before testing.
- Fix - Fix addon checks not being executed when running runtime checks.
- Fix - Allow
default
as a text domain in the text domain check. - Fix - Allow GitHub URLs in the Plugin URI field.
- Fix - Don't flag Apache license. It's allowed in the WordPress.org plugin repository.
- Fix - Removes the path before the plugin, so it won't affect to badly named files.
1.2.0
- Enhancement - Added a check for badly used names in files.
- Enhancement - Increased severity for
BacktickOperator
,DisallowShortOpenTag
,DisallowAlternativePHPTags
,RestrictedClasses
, andRestrictedFunctions
. - Enhancement - Added security checks to the Plugin repository category.
- Enhancement - Allowed
runtime-set
in code sniffer checks. - Enhancement - Changed warnings to errors in plugin header checks.
- Enhancement - Detect forbidden plugin headers such as repository URIs in the Directory.
- Enhancement - Added a new check for development functions that are not allowed in final plugins.
- Enhancement - Created new images and icons for the plugin.
- Enhancement - Introduced a slug argument in the CLI.
- Enhancement - Added a check for discouraged PHP functions.
- Enhancement - Added validation for Contributors in the readme file.
- Enhancement - Added a warning for mismatched plugin names in the plugin header and readme file.
- Enhancement - Checked for validation of Plugin Header fields: Name, Plugin URI, Description, Author URI, Requires at least, Requires PHP, and Requires Plugins.
- Enhancement - Added a warning if the "Tested up to" value in the readme file exceeds the released version of WordPress.
- Fix - Display a success message if no errors or warnings are found.
- Fix - Made table results responsive.
- Fix - Prevent proceeding to the next check if the Stable Tag value is set to
trunk
. - Fix - Allow runtime initialization even when only add-on checks are requested.
- Fix - Fixed an SPDX warning for the
GPL version 3
license. - Fix - Prevent runtime checks in the CLI context when they cannot be used.
1.1.0
- Feature - New
Non_Blocking_Scripts_Check
(non_blocking_scripts
) runtime check to warn about enqueued scripts that use neitherdefer
norasync
. - Enhancement - Changed the namespace of included checks.
- Enhancement - Introduced severity levels for all errors and warnings.
- Enhancement - CLI: Support checking a plugin from a path or URL.
- Enhancement - Added short descriptions and URLs for each check.
- Enhancement - Improved messaging in check results.
- Enhancement - Updated code obfuscation check with more accurate results.
- Enhancement - Updated plugin review check to flag missing input sanitization (
WordPress.Security.ValidatedSanitizedInput
). - Fix - Improve readme checks to exclude invalid files.
- Fix - Only show edit link if files are actually editable.
1.0.2
- Feature - New
Enqueued_Scripts_Scope_Check
(enqueued_scripts_scope
),Enqueued_Styles_Size_Check
(enqueued_styles_size
) andEnqueued_Resources_Check
(enqueued_resources
) performance checks. - Enhancement - Improved readme check and added a new
wp_plugin_check_ignored_readme_warnings
filter. - Enhancement - New
wp_plugin_check_default_categories
filter to change the categories which are selected by default. - Enhancement - New
wp_plugin_check_ignore_files
filter to allow ignoring specific files. - Fix - Correct detection of readme files in Windows by normalizing file paths.
1.0.1
- Fix - Add missing
test-content
folder needed for runtime checks. - Fix - Do not send emails when setting up test environment.
- Fix - Prevent PHP warning when the
argv
variable isn't set.
1.0.0
- Feature - Complete overhaul of the plugin, its architecture, and all checks.
- Feature - Added new WP-CLI commands for running checks and listing available options.
- Enhancement - Added option to only run checks for a specific category.
0.2.3
- Tweak - Use version 3.8.0 of the PHP_CodeSniffer library, moving away from
squizlabs/PHP_CodeSniffer
to usePHPCSStandards/PHP_CodeSniffer
. - Fix - Ensure the plugin works as expected on the WP playground environment to enable reviewers to use PCP. Props @tellyworth.
- Fix - Undefined array key "argv" when running the plugin check in certain environments. Props @afragen. #340
0.2.2
- Enhancement - Include support for Windows Servers.
- Enhancement - Avoid using PHP CLI directly, which enables plugin developers to use PCP in a variety of new environments.
- Fix - Remove dependency on
shell_exec
andexec
functions, which enables plugin developers to use PCP in a variety of new environments. - Fix - Prevent problems with Readme parser warning related to
contributor_ignored
for when running the check outside WP.org. Props @dev4press. #276 - Fix - Remove extra period on the end of the sentence for Phar warning. Props @pixolin. #275
0.2.1
- Added - 'View in code editor' link beneath each PHPCS error or warning. Props @EvanHerman, @westonruter, @felixarntz, @mukeshpanchal27 #262
- Fix - Ensure
readme.txt
has priority overreadme.md
when both are present. Props @bordoni, @afragen #258 - Fix - Ensure that the PHPCS check runs even when the PHPCS binary is not executable. Props @bordoni, @shawn-digitalpoint, @mrfoxtalbot #254
- Fix - Readme changes and typos. Props @aaronjorbin. #261
- Fix - Long lines of code with PHPCS check no longer expand over the size of the notice. Props @bordoni, @felixarntz. #263
- Fix - Ensure that we have PHP 7.2 compatibility remove trailing comma. Props @bordoni, @leoloso. #265
- Fix - Include all strings that were missed in the previous release. Props @bordoni, @pixolin. #270
0.2.0
- Feature - Enable modification of the PHP Binary path used by the plugin with
PLUGIN_CHECK_PHP_BIN
constant. - Feature - Include a check for the usage of
ALLOW_UNFILTERED_UPLOADS
on any PHP files - Props EvanHerman at #45 - Feature - Include a check for the presence of the application files (
.a
,.bin
,.bpk
,.deploy
,.dist
,.distz
,.dmg
,.dms
,.DS_Store
,.dump
,.elc
,.exe
,.iso
,.lha
,.lrf
,.lzh
,.o
,.obj
,.phar
,.pkg
,.sh
, '.so`) - Props EvanHerman at #43 - Feature - Include a check for the presence of the readme.txt or readme.md file - Props EvanHerman at #42
- Fix - Ensure that Readme parsing is included properly when a readme.md or readme.txt file is present. Props Bordoni #52
- Tweak - Disallow functions
move_uploaded_file
,passthru
,proc_open
- Props alexsanford at #50 - Tweak - Change the message type for using functions WordPress already includes from Warning to Error. Props davidperezgar at #18
- Tweak - Change the message type for incorrect usage of Stable tag from Notice/Warning to Error. Props davidperezgar at #3