Merged
Changes from 1 commit
37 changes: 37 additions & 0 deletions .editorconfig
@@ -0,0 +1,37 @@
# EditorConfig is awesome: https://EditorConfig.org

# top-most EditorConfig file
root = true

# Unix-style newlines with a newline ending every file
[*]
charset = utf-8
end_of_line = lf
insert_final_newline = true
trim_trailing_whitespace = true

# PHP files - WordPress coding standards use tabs
[*.php]
indent_style = tab
indent_size = 4

# JavaScript/TypeScript - tabs (WordPress coding standards)
[*.{js,ts,jsx,tsx}]
indent_style = tab
indent_size = 4

# JSON, YAML, and config files - spaces
[*.{json,yml,yaml}]
indent_style = space
indent_size = 2

# Markdown - preserve trailing whitespace (needed for line breaks)
[*.md]
trim_trailing_whitespace = false
indent_style = space
indent_size = 2

# XML files (like phpcs.xml)
[*.xml]
indent_style = tab
indent_size = 4
Comment on lines +35 to +37

medium

The indentation style for XML files is set to tab, but the phpcs.xml file in this repository uses spaces for indentation. To maintain consistency across the project's configuration files, it's recommended to use spaces for XML files as well.

[*.xml]
indent_style = space
indent_size = 4

28 changes: 16 additions & 12 deletions .env.testing
@@ -1,19 +1,23 @@
PLUGIN_NAME="BH WP Logger Test Plugin"
PLUGIN_SLUG=bh-wp-logger-test-plugin
WP_ROOT_FOLDER="wordpress"
TEST_SITE_WP_ADMIN_PATH="/wp-admin"

TEST_DB_NAME="bh_wp_logger_tests"
TEST_DB_HOST="127.0.0.1"
TEST_DB_USER="root"
TEST_DB_PASSWORD="password"
Comment on lines +6 to +7

medium

Using common default credentials like root and password (here and on lines 13-14) is a security risk, even in a testing environment. If this configuration is ever accidentally used in a more exposed setting, it could be easily compromised. It's better practice to use more specific and less guessable credentials, for example by appending the project name.

TEST_DB_PORT="33066"
TEST_TABLE_PREFIX="tests_"

TEST_SITE_DB_NAME="bh_wp_logger_tests"
TEST_SITE_DB_HOST="127.0.0.1"
TEST_SITE_DB_USER="bh-wp-logger"
TEST_SITE_DB_PASSWORD="bh-wp-logger"
TEST_SITE_DB_USER="root"
TEST_SITE_DB_PASSWORD="password"
TEST_SITE_TABLE_PREFIX="wp_"
TEST_DB_NAME="bh_wp_logger_integration"
TEST_DB_HOST="127.0.0.1"
TEST_DB_USER="bh-wp-logger"
TEST_DB_PASSWORD="bh-wp-logger"
TEST_TABLE_PREFIX="wp_"
TEST_SITE_WP_URL="http://localhost:8080/bh-wp-logger/"
TEST_SITE_WP_DOMAIN="localhost:8080"
TEST_SITE_ADMIN_EMAIL="email@example.org"

WP_ROOT_FOLDER="wordpress"
TEST_SITE_WP_ADMIN_PATH="/wp-admin"
TEST_SITE_WP_URL="http://localhost:8080"
TEST_SITE_WP_DOMAIN="localhost"
TEST_SITE_ADMIN_EMAIL="admin@example.org"
TEST_SITE_ADMIN_USERNAME="admin"
TEST_SITE_ADMIN_PASSWORD="password"
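Review bot: `TEST_SITE_ADMIN_USERNAME="admin"` with `TEST_SITE_ADMIN_PASSWORD="password"` at the end of this hunk puts a guessable WordPress administrator login into a tracked file, in addition to the `root`/`password` database pairs flagged above. The `.gitattributes` in this PR already lists `/.env.secret` and `/.env.secret.dist`, so consider keeping only non-sensitive defaults here and reading the admin and database passwords from the secret file, or at least using project-specific values as the `bh-wp-logger` credentials in this same hunk do. If the `bh_wp_logger_integration` line is the one being removed, `TEST_DB_NAME` and `TEST_SITE_DB_NAME` both end up as `bh_wp_logger_tests`, separated only by table prefix (`tests_` vs `wp_`); separate database names would keep a schema reset in one suite from touching the other.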
27 changes: 27 additions & 0 deletions .gitattributes
@@ -0,0 +1,27 @@
/.github export-ignore
/.run export-ignore
/tests export-ignore
/test-plugin export-ignore
/.editorconfig export-ignore
/.env.testing export-ignore
/.env.secret export-ignore
/.env.secret.dist export-ignore
/.gitattributes export-ignore
/.gitignore export-ignore
/.wp-env.json export-ignore
/codeception.dist.yml export-ignore
/composer.lock export-ignore
/CONTRIBUTING.md export-ignore
/package.json export-ignore
/package-lock.json export-ignore
/patchwork.json export-ignore
/phpcs.xml export-ignore
/phpcs.woocommerce.xml export-ignore
/phpstan.neon export-ignore
/phpstan-bootstrap.php export-ignore
/rector.php export-ignore
/README.md export-ignore
/wp-cli.yml export-ignore

# When merging into a branch, ignore the coverage percentage, that should be re-calculated immediately anyway.
/.github/coverage.svg merge=ours
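Review bot: `/.github/coverage.svg merge=ours` on the last line only takes effect where a merge driver named `ours` is defined. Git ships no such driver, so without `git config merge.ours.driver true` in each clone (and in CI) the attribute is ignored and the file falls back to the default merge. Document that setup step in CONTRIBUTING.md or drop the line. Separately, `export-ignore` on `/.env.secret` only keeps the file out of `git archive` output and does nothing to stop it being committed, so check that `.gitignore` covers it.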
51 changes: 51 additions & 0 deletions .github/dependabot.yml
@@ -0,0 +1,51 @@
version: 2
updates:

# maintain dependencies for GitHub Actions
- package-ecosystem: "github-actions"
directory: "/"
target-branch: "master"
allow:
- dependency-type: direct
schedule:
interval: "daily"
commit-message:
prefix: "GitHub Actions"
include: "scope"
labels:
- "dependencies"
- "workflows"

# maintain dependencies for npm
- package-ecosystem: "npm"
directory: "/"
target-branch: "master"
allow:
- dependency-type: direct
schedule:
interval: "daily"
versioning-strategy: increase
commit-message:
prefix: "NPM"
prefix-development: "NPM Dev"
include: "scope"
labels:
- "dependencies"
- "js"

# maintain dependencies for Composer
- package-ecosystem: "composer"
directory: "/"
target-branch: "master"
allow:
- dependency-type: direct
schedule:
interval: "daily"
versioning-strategy: increase
commit-message:
prefix: "Composer"
prefix-development: "Composer Dev"
include: "scope"
labels:
- "dependencies"
- "php"
53 changes: 53 additions & 0 deletions .github/workflows/phpcbf.yml
@@ -0,0 +1,53 @@
name: Run PHP CodeSniffer

# Run PHPCBF to fix changes then annotate PHPCS
# NB: Pull requests from forks do not have access to repository secrets so cannot commit changes.

on:
push:
branches:
- master
pull_request:
types: [opened, synchronize]

jobs:
php-codesniffer:
runs-on: ubuntu-latest

strategy:
matrix:
php: [ '8.4' ]

steps:
- name: Checkout
uses: actions/checkout@v6

- name: Install PHP
uses: shivammathur/setup-php@v2
with:
php-version: ${{ matrix.php }}
tools: composer, cs2pr
extensions: zip

- name: Install sponge
run: sudo apt-get install moreutils

- name: Run composer install
run: composer install

- name: Run PHPCBF to fix what it can
continue-on-error: true
run: vendor/bin/phpcbf

- name: Run PHPCS to add annotations to the code
continue-on-error: true
run: vendor/bin/phpcs -q -n --report=checkstyle | cs2pr

- name: Fail if there are still phpcs errors in the production code
run: vendor/bin/phpcs src

- name: Commit PHPCBF changes
if: ${{ github.ref == 'refs/heads/master' || github.ref == 'refs/heads/main' }}
uses: stefanzweifel/git-auto-commit-action@v7
with:
commit_message: "🤖 PHPCBF"
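Review bot: The `Commit PHPCBF changes` step pushes to `master` with the job token, yet the workflow has no `permissions:` block and every action is referenced by a mutable tag (`actions/checkout@v6`, `shivammathur/setup-php@v2`, `stefanzweifel/git-auto-commit-action@v7`). Add an explicit `permissions:` with `contents: write` on this job only, and pin the third-party actions to full commit SHAs so a re-pointed tag cannot run with write access to the repository; the Dependabot `github-actions` entry in this PR can keep pinned SHAs current. The commit step also sits after `vendor/bin/phpcs src`, so any remaining error in `src` skips the auto-fix commit, and the `Install sponge` step installs `moreutils` although no step in this workflow calls `sponge`.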
57 changes: 57 additions & 0 deletions .github/workflows/phpstan.yml
@@ -0,0 +1,57 @@
name: Run PHPStan

# Run PHPStan to annotate the code

on:
push:
branches:
- master
pull_request:
types: [opened, synchronize]

jobs:
phpstan:
runs-on: ubuntu-latest

strategy:
matrix:
php: [ '8.0' ]

steps:
- name: Checkout
uses: actions/checkout@v6

- name: Install PHP
uses: shivammathur/setup-php@v2
with:
php-version: ${{ matrix.php }}
tools: composer, cs2pr
extensions: zip

- name: Install sponge
run: sudo apt-get install moreutils

- name: Run composer install
run: composer install

- name: Run PHPStan to add annotations to the code
continue-on-error: true
run: vendor/bin/phpstan analyse -c phpstan.neon --level max --memory-limit 1G --error-format=checkstyle | cs2pr

# On merge to main, fail for any error in `src`.
- name: Run PHPStan to add annotations to the code (main)
run: vendor/bin/phpstan analyse src -c phpstan.neon --memory-limit 1G
if: ${{ github.event_name != 'pull_request' }}

- name: Get changed files
if: ${{ github.event_name == 'pull_request' }}
id: changed-files
uses: tj-actions/changed-files@v47
with:
separator: ' '
files: 'src/**/**.php'

# On PRs, only fail for errors in modified files.
- name: Run PHPStan to add annotations to the code (PR)
run: vendor/bin/phpstan analyse ${{ steps.changed-files.outputs.all_changed_files }} -c phpstan.neon --memory-limit 1G
if: ${{ github.event_name == 'pull_request' }}
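Review bot: In the last step, `${{ steps.changed-files.outputs.all_changed_files }}` is expanded into the `run:` script before the shell parses it, so file names from a pull request become part of the command line. Pass the list through `env:` (for example a `CHANGED_FILES` variable) and reference the shell variable in the command instead, and pin `tj-actions/changed-files@v47` to a full commit SHA, since a tag can be moved. The workflow also has no `permissions:` block; set one explicitly to the minimum these steps need. Minor: `--level max` appears only on the annotation step, so the two failing steps run at whatever level `phpstan.neon` sets, and the `Install sponge` step installs `moreutils` although no step in this workflow calls `sponge`.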