Introduce custom file extensions with scanners #320

gudmdharalds · 2022-10-21T19:54:27Z

This pull request introduces support for configuring custom file extensions for different scanners.

This resolves #188.

TODO:

wpcomvip-vipgoci-bot

Code analysis identified issues

VIP Code Analysis Bot has identified potential problems in this pull request during automated scanning. We recommend reviewing the issues noted and that they are resolved.

phpcs scanning turned up:

🚫 1 error

This bot provides automated PHP linting and PHPCS scanning. For more information about the bot and available customizations, see our documentation.

Scan run detail

Software versions vip-go-ci version: `1.3.2` PHP runtime version for vip-go-ci: `8.1.11` PHP runtime for linting: PHP 8.1: `8.1.11` PHP runtime version for PHPCS: `7.4.32` PHPCS version: `3.7.1` PHP runtime version for SVG scanner: `7.4.32` Options file (`.vipgoci_options`) Options file enabled: `true` Configurable options: `skip-execution` `skip-draft-prs` `lint-modified-files-only` `phpcs` `phpcs-severity` `phpcs-sniffs-include` `phpcs-sniffs-exclude` `report-no-issues-found` `review-comments-sort` `review-comments-include-severity` `post-generic-pr-support-comments` `review-comments-sort` `scan-details-msg-include` `svg-checks` `autoapprove` `autoapprove-php-nonfunctional-changes` Options altered: `phpcs-severity`set to`1` `phpcs-sniffs-include`set to`Generic.PHP.DisallowShortOpenTag, Squiz.PHP.CommentedOutCode` `phpcs-sniffs-exclude`set to`WordPress.Security.EscapeOutput, WordPress.PHP.DevelopmentFunctions, WordPress.WP.AlternativeFunctions, WordPress.PHP.DiscouragedPHPFunctions, WordPress.Files.FileName, Squiz.Commenting.FileComment, Generic.PHP.Syntax` `skip-draft-prs`set to	PHP lint options PHP lint files enabled: `true` Lint modified files only: `true` Directories not PHP linted: None SVG configuration SVG scanning enabled: `true` Auto-approval configuration Auto-approvals enabled: `true` Non-functional changes auto-approved: `true` Auto-approved file-types: `css` `csv` `eot` `gif` `gz` `ico` `ini` `jpeg` `jpg` `json` `less` `map` `md` `mdown` `mo` `mp4` `otf` `pcss` `pdf` `po` `pot` `png` `sass` `scss` `styl` `ttf` `txt` `woff` `woff2` `yml`	PHPCS configuration PHPCS scanning enabled: `true` PHPCS severity level: `1` Standard(s) used: `PHPCompatibility` `PHPCompatibilityParagonieRandomCompat` `PHPCompatibilityParagonieSodiumCompat` `VariableAnalysis` `WordPress` Runtime set: `testVersion 8.1-` Custom sniffs included: `Generic.PHP.DisallowShortOpenTag` `Squiz.PHP.CommentedOutCode` Custom sniffs excluded: `WordPress.Security.EscapeOutput` `WordPress.PHP.DevelopmentFunctions` `WordPress.WP.AlternativeFunctions` `WordPress.PHP.DiscouragedPHPFunctions` `WordPress.Files.FileName` `Squiz.Commenting.FileComment` `Generic.PHP.Syntax` Directories not PHPCS scanned: `tests/unit` WPScan API configuration WPScan API scanning enabled: `false`

wp-core-misc.php

Dismissing review as all inline comments are obsolete by now

wpcomvip-vipgoci-bot

Code analysis identified issues

VIP Code Analysis Bot has identified potential problems in this pull request during automated scanning. We recommend reviewing the issues noted and that they are resolved.

phpcs scanning turned up:

🚫 1 error

This bot provides automated PHP linting and PHPCS scanning. For more information about the bot and available customizations, see our documentation.

Scan run detail

Software versions vip-go-ci version: `1.3.2` PHP runtime version for vip-go-ci: `8.1.11` PHP runtime for linting: PHP 8.1: `8.1.11` PHP runtime version for PHPCS: `7.4.32` PHPCS version: `3.7.1` PHP runtime version for SVG scanner: `7.4.32` Options file (`.vipgoci_options`) Options file enabled: `true` Configurable options: `skip-execution` `skip-draft-prs` `lint-modified-files-only` `phpcs` `phpcs-severity` `phpcs-sniffs-include` `phpcs-sniffs-exclude` `report-no-issues-found` `review-comments-sort` `review-comments-include-severity` `post-generic-pr-support-comments` `review-comments-sort` `scan-details-msg-include` `svg-checks` `autoapprove` `autoapprove-php-nonfunctional-changes` Options altered: `phpcs-severity`set to`1` `phpcs-sniffs-include`set to`Generic.PHP.DisallowShortOpenTag, Squiz.PHP.CommentedOutCode` `phpcs-sniffs-exclude`set to`WordPress.Security.EscapeOutput, WordPress.PHP.DevelopmentFunctions, WordPress.WP.AlternativeFunctions, WordPress.PHP.DiscouragedPHPFunctions, WordPress.Files.FileName, Squiz.Commenting.FileComment, Generic.PHP.Syntax` `skip-draft-prs`set to	PHP lint options PHP lint files enabled: `true` Lint modified files only: `true` Directories not PHP linted: None SVG configuration SVG scanning enabled: `true` Auto-approval configuration Auto-approvals enabled: `true` Non-functional changes auto-approved: `true` Auto-approved file-types: `css` `csv` `eot` `gif` `gz` `ico` `ini` `jpeg` `jpg` `json` `less` `map` `md` `mdown` `mo` `mp4` `otf` `pcss` `pdf` `po` `pot` `png` `sass` `scss` `styl` `ttf` `txt` `woff` `woff2` `yml`	PHPCS configuration PHPCS scanning enabled: `true` PHPCS severity level: `1` Standard(s) used: `PHPCompatibility` `PHPCompatibilityParagonieRandomCompat` `PHPCompatibilityParagonieSodiumCompat` `VariableAnalysis` `WordPress` Runtime set: `testVersion 8.1-` Custom sniffs included: `Generic.PHP.DisallowShortOpenTag` `Squiz.PHP.CommentedOutCode` Custom sniffs excluded: `WordPress.Security.EscapeOutput` `WordPress.PHP.DevelopmentFunctions` `WordPress.WP.AlternativeFunctions` `WordPress.PHP.DiscouragedPHPFunctions` `WordPress.Files.FileName` `Squiz.Commenting.FileComment` `Generic.PHP.Syntax` Directories not PHPCS scanned: `tests/unit` WPScan API configuration WPScan API scanning enabled: `false`

main.php

wpcomvip-vipgoci-bot

Code analysis identified issues

VIP Code Analysis Bot has identified potential problems in this pull request during automated scanning. We recommend reviewing the issues noted and that they are resolved.

phpcs scanning turned up:

🚫 1 error

This bot provides automated PHP linting and PHPCS scanning. For more information about the bot and available customizations, see our documentation.

Scan run detail

Software versions vip-go-ci version: `1.3.2` PHP runtime version for vip-go-ci: `8.1.11` PHP runtime for linting: PHP 8.1: `8.1.11` PHP runtime version for PHPCS: `7.4.32` PHPCS version: `3.7.1` PHP runtime version for SVG scanner: `7.4.32` Options file (`.vipgoci_options`) Options file enabled: `true` Configurable options: `skip-execution` `skip-draft-prs` `lint-modified-files-only` `phpcs` `phpcs-severity` `phpcs-sniffs-include` `phpcs-sniffs-exclude` `report-no-issues-found` `review-comments-sort` `review-comments-include-severity` `post-generic-pr-support-comments` `review-comments-sort` `scan-details-msg-include` `svg-checks` `autoapprove` `autoapprove-php-nonfunctional-changes` Options altered: `phpcs-severity`set to`1` `phpcs-sniffs-include`set to`Generic.PHP.DisallowShortOpenTag, Squiz.PHP.CommentedOutCode` `phpcs-sniffs-exclude`set to`WordPress.Security.EscapeOutput, WordPress.PHP.DevelopmentFunctions, WordPress.WP.AlternativeFunctions, WordPress.PHP.DiscouragedPHPFunctions, WordPress.Files.FileName, Squiz.Commenting.FileComment, Generic.PHP.Syntax` `skip-draft-prs`set to	PHP lint options PHP lint files enabled: `true` Lint modified files only: `true` Directories not PHP linted: None SVG configuration SVG scanning enabled: `true` Auto-approval configuration Auto-approvals enabled: `true` Non-functional changes auto-approved: `true` Auto-approved file-types: `css` `csv` `eot` `gif` `gz` `ico` `ini` `jpeg` `jpg` `json` `less` `map` `md` `mdown` `mo` `mp4` `otf` `pcss` `pdf` `po` `pot` `png` `sass` `scss` `styl` `ttf` `txt` `woff` `woff2` `yml`	PHPCS configuration PHPCS scanning enabled: `true` PHPCS severity level: `1` Standard(s) used: `PHPCompatibility` `PHPCompatibilityParagonieRandomCompat` `PHPCompatibilityParagonieSodiumCompat` `VariableAnalysis` `WordPress` Runtime set: `testVersion 8.1-` Custom sniffs included: `Generic.PHP.DisallowShortOpenTag` `Squiz.PHP.CommentedOutCode` Custom sniffs excluded: `WordPress.Security.EscapeOutput` `WordPress.PHP.DevelopmentFunctions` `WordPress.WP.AlternativeFunctions` `WordPress.PHP.DiscouragedPHPFunctions` `WordPress.Files.FileName` `Squiz.Commenting.FileComment` `Generic.PHP.Syntax` Directories not PHPCS scanned: `tests/unit` WPScan API configuration WPScan API scanning enabled: `false`

main.php

…ile-extensions

…file-extensions

…ile-extensions

…False() with assertStringContainsString()

wpcomvip-vipgoci-bot · 2022-11-01T12:14:51Z

No issues were found to report when scanning latest commit (commit-ID: e80b43a)

This bot provides automated PHP linting and PHPCS scanning. For more information about the bot and available customizations, see our documentation.

Scan run detail

Software versions vip-go-ci version: `1.3.2` PHP runtime version for vip-go-ci: `8.1.12` PHP runtime for linting: PHP 8.1: `8.1.12` PHP runtime version for PHPCS: `7.4.32` PHPCS version: `3.7.1` PHP runtime version for SVG scanner: `7.4.32` Options file (`.vipgoci_options`) Options file enabled: `true` Configurable options: `skip-execution` `skip-draft-prs` `lint-modified-files-only` `phpcs` `phpcs-severity` `phpcs-sniffs-include` `phpcs-sniffs-exclude` `report-no-issues-found` `review-comments-sort` `review-comments-include-severity` `post-generic-pr-support-comments` `review-comments-sort` `scan-details-msg-include` `svg-checks` `autoapprove` `autoapprove-php-nonfunctional-changes` Options altered: `phpcs-severity`set to`1` `phpcs-sniffs-include`set to`Generic.PHP.DisallowShortOpenTag, Squiz.PHP.CommentedOutCode` `phpcs-sniffs-exclude`set to`WordPress.Security.EscapeOutput, WordPress.PHP.DevelopmentFunctions, WordPress.WP.AlternativeFunctions, WordPress.PHP.DiscouragedPHPFunctions, WordPress.Files.FileName, Squiz.Commenting.FileComment, Generic.PHP.Syntax` `skip-draft-prs`set to	PHP lint options PHP lint files enabled: `true` Lint modified files only: `true` Directories not PHP linted: None SVG configuration SVG scanning enabled: `true` Auto-approval configuration Auto-approvals enabled: `true` Non-functional changes auto-approved: `true` Auto-approved file-types: `css` `csv` `eot` `gif` `gz` `ico` `ini` `jpeg` `jpg` `json` `less` `map` `md` `mdown` `mo` `mp4` `otf` `pcss` `pdf` `po` `pot` `png` `sass` `scss` `styl` `ttf` `txt` `woff` `woff2` `yml`	PHPCS configuration PHPCS scanning enabled: `true` PHPCS severity level: `1` Standard(s) used: `PHPCompatibility` `PHPCompatibilityParagonieRandomCompat` `PHPCompatibilityParagonieSodiumCompat` `VariableAnalysis` `WordPress` Runtime set: `testVersion 8.1-` Custom sniffs included: `Generic.PHP.DisallowShortOpenTag` `Squiz.PHP.CommentedOutCode` Custom sniffs excluded: `WordPress.Security.EscapeOutput` `WordPress.PHP.DevelopmentFunctions` `WordPress.WP.AlternativeFunctions` `WordPress.PHP.DiscouragedPHPFunctions` `WordPress.Files.FileName` `Squiz.Commenting.FileComment` `Generic.PHP.Syntax` Directories not PHPCS scanned: None WPScan API configuration WPScan API scanning enabled: `false`

gudmdharalds added 4 commits October 21, 2022 19:42

Make SVG file extensions configurable.

c9544fe

Make SVG file extensions configurable.

7aa83fe

Make SVG and PHP file extensions configurable.

ff9394e

Make PHP and SVG file extensions configurable

b085b77

gudmdharalds added [Type] Enhancement [Pri] High labels Oct 21, 2022

gudmdharalds added this to the 1.3.3 milestone Oct 21, 2022

gudmdharalds self-assigned this Oct 21, 2022

gudmdharalds and others added 6 commits October 26, 2022 12:57

Merge branch 'trunk' into add/file-extensions

44f4a61

Adding option 'autoapprove-php-nonfunctional-changes-file-extensions'

0849102

Add option 'lint-file-extensions'

b396de6

Adding option 'wpscan-api-file-extensions'

973c12f

Add file extensions parameter so the value can be configured.

02d91a2

Update vipgoci_option_array_handle() so forbidden values can be array.

c863894

wpcomvip-vipgoci-bot previously requested changes Oct 26, 2022

View reviewed changes

wp-core-misc.php Outdated Show resolved Hide resolved

Fix whitespace.

2d7c53c

gudmdharalds added 2 commits October 26, 2022 16:16

Adding constants.

4c38674

Make file extensions configurable for each scanner type

b7e9646

wpcomvip-vipgoci-bot previously requested changes Oct 26, 2022

View reviewed changes

main.php Outdated Show resolved Hide resolved

Add empty line.

9e6028f

wpcomvip-vipgoci-bot previously requested changes Oct 26, 2022

View reviewed changes

main.php Outdated Show resolved Hide resolved

gudmdharalds added 8 commits October 27, 2022 09:45

Add --wpscan-api-file-extensions option

2a4b44d

Add --lint-file-extensions option

8669f8c

Sort option values

4eea749

Sort option values

e4cab03

Sort option values

0eb75df

Move code around

953ac2c

Move code around

5845e4c

Sort option values

25f9d73

gudmdharalds added 27 commits October 28, 2022 17:49

Add section about file extensions

03078c5

Adding error codes.

8d1ce9c

Adding default file-extension defines for plugins and themes.

dd0835d

Applying --wpscan-api-plugin-file-extensions and --wpscan-api-theme-f…

28a64b6

…ile-extensions

Updating test to reflect new parameters

ba04cde

Updating test to reflect new parameters

22ab89e

Applying --wpscan-api-plugin-file-extensions and --wpscan-api-theme-f…

20e6b4e

…ile-extensions

Updating test to reflect new parameters

7e48f87

Updating test to reflect new parameters

da8d14f

Updating test to reflect new parameters

86a95cd

Update test to reflect new output

2973831

Applying --wpscan-api-plugin-file-extensions and --wpscan-api-theme-…

3c60be8

…file-extensions

Updating test to reflect new parameters

46e43b8

Applying --wpscan-api-plugin-file-extensions and --wpscan-api-theme-f…

6ed86b7

…ile-extensions

Replace assertFalse() with assertStringNotContainsString(), assertNot…

11d9370

…False() with assertStringContainsString()

Add more debug info to logging

1c2f0b9

Updating test string

e015a17

Replace assertFalse() with assertStringNotContainsString(), assertNot…

71fca73

…False() with assertStringContainsString()

Replace assertFalse() with assertStringNotContainsString(), assertNot…

9cdad1a

…False() with assertStringContainsString()

Replace assertFalse() with assertStringNotContainsString(), assertNot…

85e391c

…False() with assertStringContainsString()

Replace assertFalse() with assertStringNotContainsString(), assertNot…

e292c85

…False() with assertStringContainsString()

Renaming test

8607e03

Renaming test

350fd81

WP CS change

80893c5

Ensure variable is always defined

081d80a

Update test string.

88aa77e

Update test string.

e80b43a

gudmdharalds merged commit c30aeae into trunk Nov 1, 2022

gudmdharalds deleted the add/file-extensions branch November 1, 2022 12:28

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Introduce custom file extensions with scanners #320

Introduce custom file extensions with scanners #320

gudmdharalds commented Oct 21, 2022 •

edited

Loading

wpcomvip-vipgoci-bot left a comment

Software versions

Options file (`.vipgoci_options`)

PHP lint options

SVG configuration

Auto-approval configuration

PHPCS configuration

WPScan API configuration

wpcomvip-vipgoci-bot left a comment

Software versions

Options file (`.vipgoci_options`)

PHP lint options

SVG configuration

Auto-approval configuration

PHPCS configuration

WPScan API configuration

wpcomvip-vipgoci-bot left a comment

Software versions

Options file (`.vipgoci_options`)

PHP lint options

SVG configuration

Auto-approval configuration

PHPCS configuration

WPScan API configuration

wpcomvip-vipgoci-bot commented Nov 1, 2022

Software versions

Options file (`.vipgoci_options`)

PHP lint options

SVG configuration

Auto-approval configuration

PHPCS configuration

WPScan API configuration

Introduce custom file extensions with scanners #320

Introduce custom file extensions with scanners #320

Conversation

gudmdharalds commented Oct 21, 2022 • edited Loading

wpcomvip-vipgoci-bot left a comment

Choose a reason for hiding this comment

Code analysis identified issues

Software versions

Options file (.vipgoci_options)

PHP lint options

SVG configuration

Auto-approval configuration

PHPCS configuration

WPScan API configuration

wpcomvip-vipgoci-bot left a comment

Choose a reason for hiding this comment

Code analysis identified issues

Software versions

Options file (.vipgoci_options)

PHP lint options

SVG configuration

Auto-approval configuration

PHPCS configuration

WPScan API configuration

wpcomvip-vipgoci-bot left a comment

Choose a reason for hiding this comment

Code analysis identified issues

Software versions

Options file (.vipgoci_options)

PHP lint options

SVG configuration

Auto-approval configuration

PHPCS configuration

WPScan API configuration

wpcomvip-vipgoci-bot commented Nov 1, 2022

Software versions

Options file (.vipgoci_options)

PHP lint options

SVG configuration

Auto-approval configuration

PHPCS configuration

WPScan API configuration

gudmdharalds commented Oct 21, 2022 •

edited

Loading

Options file (`.vipgoci_options`)

Options file (`.vipgoci_options`)

Options file (`.vipgoci_options`)

Options file (`.vipgoci_options`)