Skip to content

Releases: WordPress/plugin-check

1.3.0

01 Dec 19:43
bea9cb5
Compare
Choose a tag to compare
  • Enhancement - Update disallowed domains for Plugin URI check.
  • Enhancement - Added new checks for Plugin Header fields: missing plugin description, missing plugin version and invalid plugin version.
  • Enhancement - New check for validation of donate link in the readme file.
  • Enhancement - Increased severity for wrong Plugin Requires.
  • Enhancement - Added check Restrict parse_str() without second argument.
  • Enhancement - New check for Disallow usage of HEREDOC and NOWDOC.
  • Enhancement - Added acronyms allowed in Trademark checks.
  • Enhancement - Added option in CLI to add low severity errors and warnings.
  • Enhancement - Change error type for License check error codes.
  • Enhancement - Always use prefixed tables during runtime check requests.
  • Enhancement - Created a new class for checking licenses.
  • Enhancement - Added support for MPL-2.0 license.
  • Enhancement - Implement gherkin linter in GH action.
  • Enhancement - Update check for Contributors in markdown readme files.
  • Enhancement - CLI: Fix confusing runtime environment setup order.
  • Enhancement - Allow custom checks to provide installed_paths.
  • Enhancement - Improved the use of localhost URLs in the Plugin.
  • Enhancement - Documented checks in the plugin.
  • Enhancement - Increased severity for Code obfuscation checks.
  • Enhancement - Diffentiate between no existent readme and default readme file.
  • Enhancement - Encourage developers to use native functions for loading images in templates.
  • Enhancement - Added a check for not allowing include libraries already in WordPress core.
  • Enhancement - Warning for usage of query_posts() in favor of WP_Query.
  • Fix - Fix for the local environment is set up before testing.
  • Fix - Fix addon checks not being executed when running runtime checks.
  • Fix - Allow default as a text domain in the text domain check.
  • Fix - Allow GitHub URLs in the Plugin URI field.
  • Fix - Don't flag Apache license. It's allowed in the WordPress.org plugin repository.
  • Fix - Removes the path before the plugin, so it won't affect to badly named files.

1.2.0

09 Oct 18:36
9079085
Compare
Choose a tag to compare
  • Enhancement - Added a check for badly used names in files.
  • Enhancement - Increased severity for BacktickOperator, DisallowShortOpenTag, DisallowAlternativePHPTags, RestrictedClasses, and RestrictedFunctions.
  • Enhancement - Added security checks to the Plugin repository category.
  • Enhancement - Allowed runtime-set in code sniffer checks.
  • Enhancement - Changed warnings to errors in plugin header checks.
  • Enhancement - Detect forbidden plugin headers such as repository URIs in the Directory.
  • Enhancement - Added a new check for development functions that are not allowed in final plugins.
  • Enhancement - Created new images and icons for the plugin.
  • Enhancement - Introduced a slug argument in the CLI.
  • Enhancement - Added a check for discouraged PHP functions.
  • Enhancement - Added validation for Contributors in the readme file.
  • Enhancement - Added a warning for mismatched plugin names in the plugin header and readme file.
  • Enhancement - Checked for validation of Plugin Header fields: Name, Plugin URI, Description, Author URI, Requires at least, Requires PHP, and Requires Plugins.
  • Enhancement - Added a warning if the "Tested up to" value in the readme file exceeds the released version of WordPress.
  • Fix - Display a success message if no errors or warnings are found.
  • Fix - Made table results responsive.
  • Fix - Prevent proceeding to the next check if the Stable Tag value is set to trunk.
  • Fix - Allow runtime initialization even when only add-on checks are requested.
  • Fix - Fixed an SPDX warning for the GPL version 3 license.
  • Fix - Prevent runtime checks in the CLI context when they cannot be used.

1.1.0

28 Aug 12:38
07dbc1d
Compare
Choose a tag to compare
  • Feature - New Non_Blocking_Scripts_Check (non_blocking_scripts) runtime check to warn about enqueued scripts that use neither defer nor async.
  • Enhancement - Changed the namespace of included checks.
  • Enhancement - Introduced severity levels for all errors and warnings.
  • Enhancement - CLI: Support checking a plugin from a path or URL.
  • Enhancement - Added short descriptions and URLs for each check.
  • Enhancement - Improved messaging in check results.
  • Enhancement - Updated code obfuscation check with more accurate results.
  • Enhancement - Updated plugin review check to flag missing input sanitization (WordPress.Security.ValidatedSanitizedInput).
  • Fix - Improve readme checks to exclude invalid files.
  • Fix - Only show edit link if files are actually editable.

1.0.2

09 Jul 12:20
68a7139
Compare
Choose a tag to compare
  • Feature - New Enqueued_Scripts_Scope_Check (enqueued_scripts_scope), Enqueued_Styles_Size_Check (enqueued_styles_size) and Enqueued_Resources_Check (enqueued_resources) performance checks.
  • Enhancement - Improved readme check and added a new wp_plugin_check_ignored_readme_warnings filter.
  • Enhancement - New wp_plugin_check_default_categories filter to change the categories which are selected by default.
  • Enhancement - New wp_plugin_check_ignore_files filter to allow ignoring specific files.
  • Fix - Correct detection of readme files in Windows by normalizing file paths.

1.0.1

14 Feb 19:01
7c3f6d4
Compare
Choose a tag to compare
  • Fix - Add missing test-content folder needed for runtime checks.
  • Fix - Do not send emails when setting up test environment.
  • Fix - Prevent PHP warning when the argv variable isn't set.

1.0.0

13 Feb 16:57
c82b335
Compare
Choose a tag to compare
  • Feature - Complete overhaul of the plugin, its architecture, and all checks.
  • Feature - Added new WP-CLI commands for running checks and listing available options.
  • Enhancement - Added option to only run checks for a specific category.

0.2.3

22 Dec 02:45
0.2.3
ee72cbe
Compare
Choose a tag to compare
0.2.3 Pre-release
Pre-release
  • Tweak - Use version 3.8.0 of the PHP_CodeSniffer library, moving away from squizlabs/PHP_CodeSniffer to use PHPCSStandards/PHP_CodeSniffer.
  • Fix - Ensure the plugin works as expected on the WP playground environment to enable reviewers to use PCP. Props @tellyworth.
  • Fix - Undefined array key "argv" when running the plugin check in certain environments. Props @afragen. #340

0.2.2

14 Dec 05:21
0.2.2
0c9e2d1
Compare
Choose a tag to compare
0.2.2 Pre-release
Pre-release
  • Enhancement - Include support for Windows Servers.
  • Enhancement - Avoid using PHP CLI directly, which enables plugin developers to use PCP in a variety of new environments.
  • Fix - Remove dependency on shell_exec and exec functions, which enables plugin developers to use PCP in a variety of new environments.
  • Fix - Prevent problems with Readme parser warning related to contributor_ignored for when running the check outside WP.org. Props @dev4press. #276
  • Fix - Remove extra period on the end of the sentence for Phar warning. Props @pixolin. #275

0.2.1

22 Sep 22:01
0.2.1
3d25aa5
Compare
Choose a tag to compare
0.2.1 Pre-release
Pre-release

0.2.0

15 Sep 04:50
0.2.0
6d79196
Compare
Choose a tag to compare
0.2.0 Pre-release
Pre-release
  • Feature - Enable modification of the PHP Binary path used by the plugin with PLUGIN_CHECK_PHP_BIN constant.
  • Feature - Include a check for the usage of ALLOW_UNFILTERED_UPLOADS on any PHP files - Props EvanHerman at #45
  • Feature - Include a check for the presence of the application files (.a, .bin, .bpk, .deploy, .dist, .distz, .dmg, .dms, .DS_Store, .dump, .elc, .exe, .iso, .lha, .lrf, .lzh, .o, .obj, .phar, .pkg, .sh, '.so`) - Props EvanHerman at #43
  • Feature - Include a check for the presence of the readme.txt or readme.md file - Props EvanHerman at #42
  • Fix - Ensure that Readme parsing is included properly when a readme.md or readme.txt file is present. Props Bordoni #52
  • Tweak - Disallow functions move_uploaded_file, passthru, proc_open - Props alexsanford at #50
  • Tweak - Change the message type for using functions WordPress already includes from Warning to Error. Props davidperezgar at #18
  • Tweak - Change the message type for incorrect usage of Stable tag from Notice/Warning to Error. Props davidperezgar at #3