first steps toward getting started #90
Conversation
docs/tutorial/getting-started.md
Outdated
| $ brew install composer | ||
| ``` | ||
|
|
||
| The only global package currently needed is PHP CodeSniffer, and the WordPress |
There was a problem hiding this comment.
I never did any of these global phpcs steps. Maybe we add that to an advanced setup doc and focus this on the core seeing as how I never did this and didn't notice for this long lol?
There was a problem hiding this comment.
I'm 47% sure my composer security still works as expected but I may need help confirming.
There was a problem hiding this comment.
Hmm... let me identify a step to confirm whether composer security does something. What happens now when you type that command?
There was a problem hiding this comment.
FWIW, this is what I see when I run the command at the moment:
% composer security
> phpcs --standard=phpcs.security.xmlThere was a problem hiding this comment.
So, one way to confirm that Composer is successfully running the check:
- Find any instance of
phpcs:disablein the codebase, and remove that line. One example is this: https://github.com/MITLibraries/mitlib-wp-network/blob/master/web/app/themes/mitlib-child/functions.php#L214 - With that line removed, there is now something for the security check to find. This should now be the output when running
composer security
% composer security
> phpcs --standard=phpcs.security.xml
FILE: /Users/mjbernha/lando/mitlib-wp-network/web/app/themes/mitlib-child/functions.php
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
FOUND 1 ERROR AFFECTING 1 LINE
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
214 | ERROR | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$output'.
| | (WordPress.Security.EscapeOutput.OutputNotEscaped)
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Time: 1.39 secs; Memory: 10MB
Script phpcs --standard=phpcs.security.xml handling the security event returned with error code 1There was a problem hiding this comment.
In terms of this PR, if your setup works as described above with composer security, then I think I'm fine with moving this section to a "further setup" document or something? Does that sound good to you?
There was a problem hiding this comment.
Yeah that works the same for me after removing the two lines from the child themes functions.php.
[I] ⋊> ~/p/mitlib-wp-network on hours composer security
> phpcs --standard=phpcs.security.xml
FILE: /Users/jprevost/projects/mitlib-wp-network/web/app/themes/mitlib-child/functions.php
----------------------------------------------------------------------------------------------------------------------------------------------------------------
FOUND 1 ERROR AFFECTING 1 LINE
----------------------------------------------------------------------------------------------------------------------------------------------------------------
214 | ERROR | All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$output'.
| | (WordPress.Security.EscapeOutput.OutputNotEscaped)
----------------------------------------------------------------------------------------------------------------------------------------------------------------
Time: 2.35 secs; Memory: 10MB
** Why are these changes being introduced: * It turns out that part of the setup which I'd included in the Getting Started tutorial may actually not be needed to get started. ** Relevant ticket(s): n/a ** How does this address that need: * This moves the extra bits about setting up PHP CodeSniffer locally, and the WordPress coding standards, to a separate tutorial with a more advanced focus. ** Document any side effects to this change: * Hopefully none
matt-bernhardt
force-pushed
the
getting-started
branch
from
e792e39 to
23f1991
Compare
|
Okay @JPrevost - I've split that section out to a separate tutorial, leaving behind a more minimal Composer setup step. Does this look better / more like what you followed? |
| We currently use the latest release on the 8.0.x branch, using commands such as: | ||
|
|
||
| ```bash | ||
| $ brew install php@8.0 |
There was a problem hiding this comment.
php --version 15:31:19
PHP 8.2.4 (cli) (built: Mar 16 2023 16:25:32) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.2.4, Copyright (c) Zend Technologies
with Zend OPcache v8.2.4, Copyright (c), by Zend Technologies
uh... oops
There was a problem hiding this comment.
Hopefully that bodes well for when we get around to upgrading PHP versions :-)
disable revisions by setting false or 0 roots/bedrock#658
2 participants
This adds a "Getting Started" tutorial article. Right now it is at best half-written, with an emphasis on commands to run to set up the prerequisite tools.
The project readme will probably need to change as a result of writing this article, but I haven't thought about that yet.
Developer
Secrets
Documentation
Accessibility
our guide and
all issues introduced by these changes have been resolved or opened as new
issues (link to those issues in the Pull Request details above)
Stakeholder approval
Dependencies
NO dependencies are updated
Code Reviewer
(not just this pull request message)