Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Release WordPressCS 3.1.0 #2439

Merged
merged 69 commits into from
Mar 25, 2024
Merged

Release WordPressCS 3.1.0 #2439

merged 69 commits into from
Mar 25, 2024

Conversation

jrfnl
Copy link
Member

@jrfnl jrfnl commented Mar 22, 2024

⚠️ DO NOT MERGE (YET) ⚠️

Please do add approvals if you agree as otherwise we won't be able to release.

PR for tracking changes for the 3.1.0 release. Target release date: Monday March 25, 2024.

Release checklist

General

Release prep

Release

  • Merge this PR.
  • Make sure all CI builds are green.
  • Tag and create a release against main (careful, GH defaults to develop!) & copy & paste the changelog to it.
    ✏️ Check if anything from the link collection at the bottom of the changelog needs to be copied in!
  • Make sure all CI builds are green.
  • Close the milestone.
  • Open a new milestone for the next release.
  • If any open PRs/issues which were milestoned for this release did not make it into the release, update their milestone.
  • Fast-forward develop to be equal to main.

After release

  • Open a Trac ticket for WordPress Core to update.

Publicize

jrfnl and others added 30 commits September 13, 2023 14:14
This commit adds an initial Dependabot configuration to:
* Submit pull requests for security updates and version updates for GH Action runner dependencies.

At a later point in time, we could consider enabling it for Composer dependencies as well.

The configuration has been set up to:
* Run weekly (for now).
* Submit a maximum of 5 pull requests at a time.
    If additional pull requests are needed, these will subsequently be submitted the next time Dependabot runs after one or more of the open pull requests have been merged.
* The commit messages for PRs submitted by Dependabot will be prefixed according the unofficial conventions used in this repo up to now.
* The PRs will automatically be labelled with an appropriate label as already in use in this repo.

Refs:
* https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
* https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#versioning-strategy
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
The posts per page sniff should bail out early if empty string is passed as a value.

The tests were added for both posts per page sniff and slow db query sniff,
to check if empty string is passed as a value.
In the case of SlowDBQuery the sniff should flag cases where there is and isn't a value passed,
as that sniff will always flag whenever meta_key and meta_value are used in a query.
Add defensive coding in posts per page sniff
Just noticed this didn't display as intended.
Looks like this one was missed in previous update rounds (not that it is a valid URL anyway.
* Update a URL which is no longer valid.
* Ensure all steps have a name.
... which is expected later today.

* Builds against PHP 8.3 are no longer allowed to fail.
* Add _allowed to fail_ build against PHP 8.4.
…it-update-list

IsUnitTestTrait: add new testcase as introduced in WP Core
GH Actions: update for the release of PHP 8.3
PHPCSExtra 1.2.0 was released yesterday and contains two new sniffs which IMO would be suitable for adding to WordPressCS.

Includes raising the minimum supported PHPCSExtra version. (will conflict with PR 2408 and will need rebase depending on which is merged first)

Ref:
* https://github.com/PHPCSStandards/PHPCSExtra/releases/tag/1.2.0
The WP PHP Open Collective, aside from the name conveying the completely wrong message, has so far not been in touch with us about how funds can be released or anything else.

This seems like a dead-end.

Switching to the PHP_CodeSniffer Open Collective makes more sense (to me). Happy to have a discussion about this.
The path of the test case file used in the example of how to generate
the list of expected lines with errors is wrong. This commit fixes it.

I believe it was changed by mistake in
4a33d46#diff-98e64bc1cd2db9333c6effe87bbe0d6dfe8714aba4c6bde45aa037fe0796e44cR141.

If we want to keep the current path for some reason, we might want to
change the part that says "from the root directory of your WordPressCS
clone".
... caused by improved, but not 100% correct, type information coming from PHPCSUtils.

This incorrect type info will be fixed in the next version of PHPCSUtils.
The Squizlabs repo has been abandoned. The project continues in a fork in the PHPCSStandards organisation.

Ref:
* squizlabs/PHP_CodeSniffer 3932
In contrast to earlier information, arrangements are now being made to allow the package to continue under its original name on Packagist. The commit (in the new repo) to rename the package [has been reverted](PHPCSStandards/PHP_CodeSniffer#135).
jrfnl and others added 19 commits March 4, 2024 16:21
This new PHPCS 3.9.0 sniff will flag code which contains a `||` and a `&&` operator in the same condition and their precedence is not clarified via parenthesis.

This should allow for users of WPCS to find/prevent some bugs in code.

I'd personally would **_highly_** recommend for WP Core to also use this sniff, but I suspect that will need due discussion/Make post/handbook change.

Note: running this sniff on WP Core as-is, would (to my surprise) not actually trigger any new errors.

Includes updating a code snippet in the Ruleset test to comply.
Upstream a PR is open - and will be merged soon - to change the protection against the `Squiz` sniff, which this sniff extends, handling operators found in `declare()` statements.
In particular, the PR is about how the sniff handles parse errors/live coding for declare statements.

As the WPCS sniff calls the parent `register()` method and falls through to the parent `process()` method, the WPCS sniff should automatically get that extra protection too.

This commit just adds an extra test to the `WordPress.WhiteSpace.OperatorSpacing` to safeguard things.
Extra: do not allow ambiguous conditions (needs PHPCS 3.9.0)
…with-upstream-289

WhiteSpace/OperatorSpacing: add extra test
Bumps [mondeja/remove-labels-gh-action](https://github.com/mondeja/remove-labels-gh-action) from 1 to 2.
- [Release notes](https://github.com/mondeja/remove-labels-gh-action/releases)
- [Commits](mondeja/remove-labels-gh-action@v1...v2)

---
updated-dependencies:
- dependency-name: mondeja/remove-labels-gh-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
PHPCSUtils 1.0.10 has been released, which fixes two false positives, meaning these ignore annotations can now be removed (as per the inline comments).

Ref: https://github.com/PHPCSStandards/PHPCSUtils/releases/tag/1.0.10
PHPStan config: update for release of PHPCSUtils 1.0.10
…deja/remove-labels-gh-action-2

GH Actions: Bump mondeja/remove-labels-gh-action from 1 to 2
…n WP 6.5-RC3

Based on a scan of WP Core at commit WordPress/wordpress-develop@3595704 using a preliminary sniff created for issue 1803.
…ist based on WP 6.5-RC3

Based on a scan of WP Core at commit WordPress/wordpress-develop@3595704 using a preliminary sniff created for issue 1803.
Based on a scan of WP Core at commit WordPress/wordpress-develop@3595704 using a preliminary sniff created for issue 1803.
Based on a scan of WP Core at commit WordPress/wordpress-develop@3595704 using a preliminary sniff created for issue 1803.

Includes tests.
Based on a scan of WP Core at commit WordPress/wordpress-develop@3595704 using a preliminary sniff created for issue 1803.

Includes tests.
The minimum version should be three versions behind the latest WP release, so what with 6.5 being in RC, to be released on next week, it should now become 6.2.

Includes updating the tests to match.

Previous: 2121, 2321
Nothing major in the 1.0.10 release, but updating the requirement prevents us having to deal with invalid bug reports when people would already be running WPCS against PHP 8.4, as two issues related to a PHP 8.4 deprecation have been fixed.

Ref: https://github.com/PHPCSStandards/PHPCSUtils/releases/tag/1.0.10
…ffs-wp-6.5

Update list based sniffs for WP 6.5
…utils

Composer: raise the minimum supported PHPCSUtils version to 1.0.10
Copy link
Member

@dingo-d dingo-d left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Target release date: Monday March 22, 2024.

I'm guessing this is a typo and should be Monday March 25, 2024?

@jrfnl
Copy link
Member Author

jrfnl commented Mar 24, 2024

Target release date: Monday March 22, 2024.

I'm guessing this is a typo and should be Monday March 25, 2024?

Correct. Glad to see I didn't make the typo in the actual changelog 😁

Changelog for the release of WordPressCS 3.1.0
@jrfnl jrfnl merged commit 9333efc into main Mar 25, 2024
42 checks passed
@jrfnl
Copy link
Member Author

jrfnl commented Mar 25, 2024

@jrfnl
Copy link
Member Author

jrfnl commented Mar 25, 2024

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants