Skip to content
Code style

Plugin check #484

Sign in to view logs

Plugin check

Plugin check #484

Triggered via pull request October 15, 2024 17:45
@tillkrusstillkruss
synchronize #556
feature/plugin-check
Status Failure
Total duration 2m 14s
Artifacts

lint.yml

on: pull_request
EditorConfig
9s
EditorConfig
PluginCheck
1m 52s
PluginCheck
Matrix: phpstan
Fit to window
Zoom out
Zoom in

Annotations

10 errors and 13 warnings
WordPress.Security.EscapeOutput.OutputNotEscaped: includes/class-plugin.php#L1087
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '__'.
WordPress.WP.I18n.NonSingularStringLiteralText: includes/class-plugin.php#L1087
The $text parameter must be a single text string literal. Found: $message
WordPress.Security.EscapeOutput.UnsafePrintingFunction: includes/ui/tabs/diagnostics.php#L19
All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.
WordPress.WP.I18n.MissingArgDomain: includes/ui/tabs/diagnostics.php#L21
Missing $domain parameter in function call to _e().
WordPress.Security.EscapeOutput.UnsafePrintingFunction: includes/ui/tabs/diagnostics.php#L21
All output should be run through an escaping function (like esc_html_e() or esc_attr_e()), found '_e'.
hidden_files: .editorconfig#L1
Hidden files are not permitted.
hidden_files: .gitattributes#L1
Hidden files are not permitted.
hidden_files: .gitignore#L1
Hidden files are not permitted.
application_detected: phpunit.xml.dist#L1
Application files are not permitted.
application_detected: tests/setup-test.sh#L1
Application files are not permitted.
EditorConfig
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@v3. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
PHPStan (PHP 8.2; Relay 0.7.0)
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@v3, actions/cache@v3. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
PHPStan (PHP 7.4; Relay 0.7.0)
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@v3, actions/cache@v3. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
WordPress.Security.ValidatedSanitizedInput.InputNotValidated: includes/class-plugin.php#L1079
Detected usage of a possibly undefined superglobal array index: $_POST['nonce']. Use isset() or empty() to check the index exists before using it
WordPress.Security.ValidatedSanitizedInput.MissingUnslash: includes/class-plugin.php#L1079
$_POST['nonce'] not unslashed before sanitization. Use wp_unslash() or similar
WordPress.Security.ValidatedSanitizedInput.InputNotSanitized: includes/class-plugin.php#L1079
Detected usage of a non-sanitized input variable: $_POST['nonce']
WordPress.Security.NonceVerification.Missing: includes/class-plugin.php#L1603
Processing form data without nonce verification.
WordPress.Security.NonceVerification.Missing: includes/class-plugin.php#L1603
Processing form data without nonce verification.
WordPress.Security.NonceVerification.Missing: includes/class-plugin.php#L1603
Processing form data without nonce verification.
plugin_header_invalid_plugin_uri_domain: redis-cache.php#L1
The "Plugin URI" header in the plugin file is not valid.
WordPress.PHP.DevelopmentFunctions.error_log_error_log: tests/PHPStan/bootstrap.php#L6
error_log() found. Debug code should not normally be used in production.
WordPress.PHP.DevelopmentFunctions.prevent_path_disclosure_error_reporting: tests/bootstrap.php#L3
error_reporting() can lead to full path disclosure.
Squiz.PHP.DiscouragedFunctions.Discouraged: tests/bootstrap.php#L5
The use of function ini_set() is discouraged