Update PHP Standards.

HM/ruleset.xml

@@ -1,33 +1,25 @@
 <?xml version="1.0"?>
 <ruleset name="HM">
-	<description>Sniffs for the coding standards of the WP-API plugin</description>
 
-	<!-- vendor/humanmade/coding-standards, -->
+	<description>Human Made coding standards.</description>
+
 	<config name="installed_paths" value="vendor/wp-coding-standards/wpcs,vendor/fig-r/psr2r-sniffer" />
 
-	<exclude-pattern>vendor/*</exclude-pattern>
+	<file>.</file>
+
 	<exclude-pattern>node_modules/*</exclude-pattern>
-	<exclude-pattern>*.js</exclude-pattern>
-	<exclude-pattern>*.css</exclude-pattern>
-
-	<autoload>./bootstrap.php</autoload>
-
-	<!-- Include everything in the VIP standard... -->
-	<rule ref="WordPress-VIP">
-		<!-- ...Except for VIP-specific things -->
-		<exclude name="WordPress.VIP.FileSystemWritesDisallow" />
-		<exclude name="WordPress.VIP.RestrictedFunctions" />
-		<exclude name="WordPress.VIP.RestrictedVariables" />
-		<exclude name="WordPress.VIP.SuperGlobalInputUsage" />
-		<exclude name="WordPress.VIP.ValidatedSanitizedInput" />
-		<exclude name="WordPress.VIP.DirectDatabaseQuery" />
-		<exclude name="WordPress.XSS.EscapeOutput" />
-		<exclude name="WordPress.VIP.AdminBarRemoval" />
-
-		<!-- Allow with or without semicolons -->
+	<exclude-pattern>vendor/*</exclude-pattern>
+
+	<arg name="basepath" value="." />
+	<arg name="extensions" value="php" />
+
+	<autoload>bootstrap.php</autoload>
+
+	<rule ref="WordPress-Core">
+		<!-- Allow with or without semicolons. -->
 		<exclude name="Squiz.PHP.EmbeddedPhp.NoSemicolon" />
 
-		<!-- Exclude other conflicting rules -->
+		<!-- Exclude other conflicting rules. -->
 		<exclude name="WordPress.Arrays.MultipleStatementAlignment.DoubleArrowNotAligned" />
 		<exclude name="WordPress.PHP.DevelopmentFunctions.error_log_trigger_error" />
 		<exclude name="Generic.Formatting.MultipleStatementAlignment.NotSameWarning" />
@@ -53,88 +45,82 @@
 		-->
 		<exclude name="WordPress.PHP.YodaConditions" />
 
+		<exclude name="WordPress.Security.EscapeOutput" />
 	</rule>
 
-	<!-- Allow the use of filesystem functions -->
-	<rule ref="WordPress.WP.AlternativeFunctions">
+	<!-- Prefer alignment over line length. -->
+	<rule ref="WordPress.Arrays.MultipleStatementAlignment">
 		<properties>
-			<property name="exclude" value="file_get_contents,file_system_read" />
+			<property name="maxColumn" value="1000" />
 		</properties>
 	</rule>
 
-	<!-- Allow . in hook names -->
+	<rule ref="WordPress.DB.SlowDBQuery" />
+
+	<!-- Allow . in hook names. -->
 	<rule ref="WordPress.NamingConventions.ValidHookName">
 		<properties>
-			<property name="additionalWordDelimiters" value="."/>
+			<property name="additionalWordDelimiters" value="." />
 		</properties>
 	</rule>
 
-	<!-- Prefer alignment over line length -->
-	<rule ref="WordPress.Arrays.MultipleStatementAlignment">
+	<rule ref="WordPress.Security.PluginMenuSlug" />
+	<rule ref="WordPress.Security.PluginMenuSlug.Using__FILE__">
+		<type>error</type>
+	</rule>
+
+	<!-- Allow the use of filesystem functions. -->
+	<rule ref="WordPress.WP.AlternativeFunctions">
 		<properties>
-			<property name="maxColumn" value="1000"/>
+			<property name="exclude" value="file_get_contents,file_system_read" />
 		</properties>
 	</rule>
 
-	<!--
-	HM Rules / HM RULEZZZZ
-
-	http://engineering.hmn.md/style/php/
-	-->
-
-	<!-- File Layout: Declare symbols or run code, but not both. -->
-		<rule ref="PSR1.Files.SideEffects" />
-
-	<!-- File Layout: Classes in own file. -->
-		<!-- Handled in Classes/OnlyClassInFileSniff -->
-		<!-- Also handled in PSR1.Classes.ClassDeclaration below. -->
-
-	<!-- File Layout: Order: `namespace`, `use`, `const`, code -->
-		<!-- Handled in Layout/OrderSniff -->
-
-	<!-- File Naming: `name/space/` -->
-		<!-- Handled in Files/NamespaceDirectoryNameSniff -->
-
-	<!-- File Naming: `class-classname.php` -->
-		<!-- Handled in Files/ClassNameFileSniff -->
+	<rule ref="WordPress.WP.CronInterval" />
+	<rule ref="WordPress.WP.CronInterval.CronSchedulesInterval">
+		<type>error</type>
+		<message>Scheduling crons at %s sec ( less than %s minutes ) is prohibited.</message>
+	</rule>
 
-	<!-- File Naming: `namespace.php` -->
-		<!-- Handled in Files/FunctionFileNameSniff -->
+	<rule ref="WordPress.WP.PostsPerPage" />
+	<rule ref="WordPress.WP.PostsPerPage.posts_per_page_numberposts">
+		<type>error</type>
+	</rule>
+	<rule ref="WordPress.WP.PostsPerPage.posts_per_page_posts_per_page">
+		<type>error</type>
+	</rule>
 
-	<!-- File Naming: `plugin.php` or `functions.php` -->
+	<rule ref="WordPress.WP.TimezoneChange" />
 
-	<!-- Namespacing: Required for classes -->
-		<rule ref="PSR1.Classes.ClassDeclaration" />
+	<!--
+	HM Rules / HM RULEZZZZ
 
-	<!-- Namespacing: Required for functions -->
-		<!-- Handled in Functions/NamespacedFunctionsSniff -->
-		<rule ref="PSR2.Namespaces.NamespaceDeclaration" />
+	https://engineering.hmn.md/how-we-work/style/php/
+	-->
 
-	<!-- Namespacing: `use` statements -->
-		<rule ref="PSR2.Namespaces.UseDeclaration">
-			<exclude name="PSR2.Namespaces.UseDeclaration.MultipleDeclarations" />
-		</rule>
-		<rule ref="PSR2R.Namespaces.UnusedUseStatement" />
-		<rule ref="PSR2R.Namespaces.UseInAlphabeticalOrder" />
+	<!-- Disallow long array syntax. -->
+	<rule ref="Generic.Arrays.DisallowLongArraySyntax" />
 
-	<!-- Namespacing: No backslash with `use` -->
-		<!-- Handled in Namespaces/NoLeadingSlashOnUseSniff -->
+	<!-- Single statement on same line. -->
+	<rule ref="Generic.Formatting.DisallowMultipleStatements" />
 
-	<!-- Yoda Conditions: Ban inline assignment in control structures. See note above. -->
-		<rule ref="PSR2R.ControlStructures.NoInlineAssignment" />
+	<!-- Namespacing required for classes. -->
+	<rule ref="PSR1.Classes.ClassDeclaration" />
 
-	<!-- Anonymous Functions: Spaces after `function` and `use` -->
-		<!-- Handled in Squiz.Functions.MultiLineFunctionDeclaration -->
+	<!-- Declare symbols or run code, but not both. -->
+	<rule ref="PSR1.Files.SideEffects" />
 
-	<!-- Array Creation: Short Syntax -->
-		<!-- Handled in Arrays/ForceShortArraysSniff -->
+	<!-- Namespacing required for functions. -->
+	<rule ref="PSR2.Namespaces.NamespaceDeclaration" />
 
-	<!-- TEMPLATE RULES / TEMPLATES RULE -->
-	<!-- Namespacing: No namespace -->
+	<!-- Namespacing of `use` statements. -->
+	<rule ref="PSR2.Namespaces.UseDeclaration">
+		<exclude name="PSR2.Namespaces.UseDeclaration.MultipleDeclarations" />
+	</rule>
+	<rule ref="PSR2R.Namespaces.UnusedUseStatement" />
+	<rule ref="PSR2R.Namespaces.UseInAlphabeticalOrder" />
 
-	<!-- Inline Statements: Single statement on same line -->
-		<rule ref="Generic.Formatting.DisallowMultipleStatements"/>
-	<!-- Inline Statements: No semicolons -->
+	<!-- Ban inline assignment in control structures (see note on Yoda Conditions above). -->
+	<rule ref="PSR2R.ControlStructures.NoInlineAssignment" />
 
-	<rule ref="Generic.Arrays.DisallowLongArraySyntax"/>
 </ruleset>

composer.json

@@ -5,7 +5,7 @@
 	"license": "GPL-2.0-or-later",
 	"require": {
 		"php": ">=7.1",
-		"wp-coding-standards/wpcs": "^0.14.0",
+		"wp-coding-standards/wpcs": "^1.0.0",
 		"fig-r/psr2r-sniffer": "^0.5.0",
 		"squizlabs/php_codesniffer": "~3.4.0"
 	},

ruleset.xml

@@ -1,7 +1,10 @@
 <?xml version="1.0"?>
 <ruleset name="HM">
-	<description>Loader for the main HM sniffer.</description>
+
+	<description>Proxy to the actual Human Made coding standards.</description>
 
 	<config name="installed_paths" value="vendor/wp-coding-standards/wpcs,vendor/fig-r/psr2r-sniffer" />
+
 	<rule ref="vendor/humanmade/coding-standards/HM/ruleset.xml" />
+
 </ruleset>