WordPress.WP.AlternativeFunctions.file_system_operations error messages cannot be fixed anymore

[kkmuffme]

Bug Description

WordPress.WP.AlternativeFunctions.file_system_operations error messages are overwritten in the ruleset, e.g.

<rule ref="WordPress.WP.AlternativeFunctions.file_system_operations_fopen">
	<message>File system operations only work on the `/tmp/` and `wp-content/uploads/` directories. To avoid unexpected results, please use helper functions like `get_temp_dir()`  or `wp_get_upload_dir()` to get the proper directory path when using functions such as %s(). For more details, please see: https://docs.wpvip.com/technical-references/vip-go-files-system/local-file-operations/</message>
</rule>

However since WPCS 3.0.0 this error can only be fixed by using WP_Filesystem. Neither get_temp_dir() or wp_get_upload_dir() will make the error go away and it's unclear why (unless you debug and find the original error message where it says WP_Filesystem)

Minimal Code Snippet

$f = fopen( get_temp_dir() . '/abc.log' );

Error Code

WordPress.WP.AlternativeFunctions.file_system_operations_fopen

Environment

Question	Answer
PHP version	8.3
VIPCS version	3.0.0
WordPressCS version	3.1.0

Additional Context (optional)

With WP_Filesystem, I think it's unnecessary to overwrite those errors in the first place and these overwrites can all be removed from ruleset.xml

Possibly, errors like WordPressVIPMinimum.Functions.RestrictedFunctions.file_ops_fputcsv should be changed to a also only allow WP_Filesystem ?

Tested Against main branch?

• I have verified the issue still exists in the main branch of VIPCS.
• I have verified the issue still exists in the develop branch of VIPCS.