Add a sniff to detect the usage of the backtick operator. #1073
{ | ||
$errors = array(); | ||
|
||
if ($this->isSafeModeEnabled() === false) { |
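Review bot: the `if ($this->isSafeModeEnabled() === false)` guard directly after `$errors = array();` makes the expected-error list depend on the PHP configuration of the machine running the tests. When the condition is false, `$errors` stays the empty array initialised above, so if that array is what the method returns, the test would expect the sniff to report nothing. Keep the expected errors unconditional and move the environment check into a skip hook, or add a comment explaining why safe mode changes the expected result.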
Instead you can:
- also expect errors
- add `shouldSkipTest` function that would call `$this->isSafeModeEnabled() === false`
- in fact you can inline the `isSafeModeEnabled` function into `shouldSkipTest`
Good point - adjusting now.
Originally I intended to check for the backtick character in other tokens when safe mode was enabled and throw a warning, but decided against it. This code was left behind from that.
0f1b06d to 4b38d66
4b38d66 to 4543ab2
I ended up making the error message say "forbidden" instead of "strongly discouraged" because it was an error instead of a warning, and it also matches other error messages. But the message and type (error/warning) can be overridden in a ruleset.xml file, so I don't think that should be a problem. Thanks for the new sniff.
… to `extra`. Execution of shell commands should be discouraged. A number of the other commands along the same lines are discouraged via function sniffs, however, the backtick operator was so far ignored. For this sniff to be added, the minimum PHPCS version needs to be upped as it has only just been added in the latest release. See: squizlabs/PHP_CodeSniffer#1073
@gsherwood That's absolutely fine by me and shouldn't be an issue for the depending projects (in my case).
Working on a project now which wants to add a sniff like this as part of their security-sniffs and figured it would be re-usable for others as well.
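
What a check for the backtick operator has to distinguish, shown with PHP's built-in tokenizer as an added example (this is not the sniff code from this pull request). The function name `findBacktickOperators` and the sample source are constructed for illustration.

```php
<?php
// Added illustration, not the sniff from this pull request.
// Uses PHP's built-in tokenizer; the function name is hypothetical.

/**
 * Return the line numbers on which a backtick (shell execution) operator opens.
 *
 * Backticks inside string literals and comments arrive as part of array
 * tokens, so only a bare '`' token marks the operator itself.
 */
function findBacktickOperators(string $source): array
{
    $lines  = [];
    $line   = 1;
    $inside = false; // true between an opening and a closing backtick

    foreach (token_get_all($source) as $token) {
        if (is_array($token)) {
            // Array tokens carry their starting line; advance past any newlines.
            $line = $token[2] + substr_count($token[1], "\n");
            continue;
        }

        if ($token === '`') {
            if ($inside === false) {
                $lines[] = $line; // report the opening backtick only
            }
            $inside = !$inside;
        }
    }

    return $lines;
}

// Constructed sample input: one real backtick operator, plus backticks in a
// string literal and in a comment that must not be reported.
$sample = <<<'PHP'
<?php
$msg = 'use `ls` in your shell'; // `not code`
$out = `ls -la`;
PHP;

print_r(findBacktickOperators($sample));
```

Only the third line of the sample is reported, because the backticks in the string literal and the comment never appear as separate tokens.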