Merge pull request #839 from Automattic/feature/deprecate-js-only-sniffs

Author: GaryJones

WordPress-VIP-Go/ruleset.xml

@@ -4,7 +4,9 @@
 
 	<!-- The rules below are the changes from between the original sniff or parent ruleset, and what should be applied for this Standard. -->
 	<!-- Include the base VIP Minimum ruleset -->
-	<rule ref="WordPressVIPMinimum"/>
+	<rule ref="WordPressVIPMinimum">
+		<exclude name="WordPressVIPMinimum.JS"/>
+	</rule>
 
 	<!-- Things that may be incompatible with the VIP Go infrastructure and needs a dev to review -->
 	<rule ref="WordPressVIPMinimum.Functions.RestrictedFunctions.file_ops_file_put_contents">

WordPressVIPMinimum/Sniffs/JS/DangerouslySetInnerHTMLSniff.php

@@ -7,6 +7,7 @@
 
 namespace WordPressVIPMinimum\Sniffs\JS;
 
+use PHP_CodeSniffer\Sniffs\DeprecatedSniff;
 use PHP_CodeSniffer\Util\Tokens;
 use WordPressVIPMinimum\Sniffs\Sniff;
 
@@ -15,7 +16,7 @@
  *
  * Looks for instances of React's dangerouslySetInnerHMTL.
  */
-class DangerouslySetInnerHTMLSniff extends Sniff {
+class DangerouslySetInnerHTMLSniff extends Sniff implements DeprecatedSniff {
 
 	/**
 	 * A list of tokenizers this sniff supports.
@@ -67,4 +68,31 @@ public function process_token( $stackPtr ) {
 		$data    = [ $this->tokens[ $stackPtr ]['content'] ];
 		$this->phpcsFile->addError( $message, $stackPtr, 'Found', $data );
 	}
+
+	/**
+	 * Provide the version number in which the sniff was deprecated.
+	 *
+	 * @return string
+	 */
+	public function getDeprecationVersion() {
+		return 'VIP-Coding-Standard v3.1.0';
+	}
+
+	/**
+	 * Provide the version number in which the sniff will be removed.
+	 *
+	 * @return string
+	 */
+	public function getRemovalVersion() {
+		return 'VIP-Coding-Standard v4.0.0';
+	}
+
+	/**
+	 * Provide a custom message to display with the deprecation.
+	 *
+	 * @return string
+	 */
+	public function getDeprecationMessage() {
+		return 'Support for scanning JavaScript files will be removed from PHP_CodeSniffer, so this sniff is no longer viable.';
+	}
 }

WordPressVIPMinimum/Sniffs/JS/HTMLExecutingFunctionsSniff.php

@@ -7,6 +7,7 @@
 
 namespace WordPressVIPMinimum\Sniffs\JS;
 
+use PHP_CodeSniffer\Sniffs\DeprecatedSniff;
 use PHP_CodeSniffer\Util\Tokens;
 use WordPressVIPMinimum\Sniffs\Sniff;
 
@@ -15,7 +16,7 @@
  *
  * Flags functions which are executing HTML passed to it.
  */
-class HTMLExecutingFunctionsSniff extends Sniff {
+class HTMLExecutingFunctionsSniff extends Sniff implements DeprecatedSniff {
 
 	/**
 	 * List of HTML executing functions.
@@ -128,4 +129,31 @@ public function process_token( $stackPtr ) {
 			}
 		}
 	}
+
+	/**
+	 * Provide the version number in which the sniff was deprecated.
+	 *
+	 * @return string
+	 */
+	public function getDeprecationVersion() {
+		return 'VIP-Coding-Standard v3.1.0';
+	}
+
+	/**
+	 * Provide the version number in which the sniff will be removed.
+	 *
+	 * @return string
+	 */
+	public function getRemovalVersion() {
+		return 'VIP-Coding-Standard v4.0.0';
+	}
+
+	/**
+	 * Provide a custom message to display with the deprecation.
+	 *
+	 * @return string
+	 */
+	public function getDeprecationMessage() {
+		return 'Support for scanning JavaScript files will be removed from PHP_CodeSniffer, so this sniff is no longer viable.';
+	}
 }

WordPressVIPMinimum/Sniffs/JS/InnerHTMLSniff.php

@@ -7,6 +7,7 @@
 
 namespace WordPressVIPMinimum\Sniffs\JS;
 
+use PHP_CodeSniffer\Sniffs\DeprecatedSniff;
 use PHP_CodeSniffer\Util\Tokens;
 use WordPressVIPMinimum\Sniffs\Sniff;
 
@@ -15,7 +16,7 @@
  *
  * Looks for instances of .innerHMTL.
  */
-class InnerHTMLSniff extends Sniff {
+class InnerHTMLSniff extends Sniff implements DeprecatedSniff {
 
 	/**
 	 * A list of tokenizers this sniff supports.
@@ -81,4 +82,31 @@ public function process_token( $stackPtr ) {
 			$this->phpcsFile->addWarning( $message, $stackPtr, 'Found', $data );
 		}
 	}
+
+	/**
+	 * Provide the version number in which the sniff was deprecated.
+	 *
+	 * @return string
+	 */
+	public function getDeprecationVersion() {
+		return 'VIP-Coding-Standard v3.1.0';
+	}
+
+	/**
+	 * Provide the version number in which the sniff will be removed.
+	 *
+	 * @return string
+	 */
+	public function getRemovalVersion() {
+		return 'VIP-Coding-Standard v4.0.0';
+	}
+
+	/**
+	 * Provide a custom message to display with the deprecation.
+	 *
+	 * @return string
+	 */
+	public function getDeprecationMessage() {
+		return 'Support for scanning JavaScript files will be removed from PHP_CodeSniffer, so this sniff is no longer viable.';
+	}
 }

WordPressVIPMinimum/Sniffs/JS/StringConcatSniff.php

@@ -7,6 +7,7 @@
 
 namespace WordPressVIPMinimum\Sniffs\JS;
 
+use PHP_CodeSniffer\Sniffs\DeprecatedSniff;
 use PHP_CodeSniffer\Util\Tokens;
 use WordPressVIPMinimum\Sniffs\Sniff;
 
@@ -15,7 +16,7 @@
  *
  * Looks for HTML string concatenation.
  */
-class StringConcatSniff extends Sniff {
+class StringConcatSniff extends Sniff implements DeprecatedSniff {
 
 	/**
 	 * A list of tokenizers this sniff supports.
@@ -72,4 +73,31 @@ private function addFoundError( $stackPtr, array $data ) {
 		$message = 'HTML string concatenation detected, this is a security risk, use DOM node construction or a templating language instead: %s.';
 		$this->phpcsFile->addError( $message, $stackPtr, 'Found', $data );
 	}
+
+	/**
+	 * Provide the version number in which the sniff was deprecated.
+	 *
+	 * @return string
+	 */
+	public function getDeprecationVersion() {
+		return 'VIP-Coding-Standard v3.1.0';
+	}
+
+	/**
+	 * Provide the version number in which the sniff will be removed.
+	 *
+	 * @return string
+	 */
+	public function getRemovalVersion() {
+		return 'VIP-Coding-Standard v4.0.0';
+	}
+
+	/**
+	 * Provide a custom message to display with the deprecation.
+	 *
+	 * @return string
+	 */
+	public function getDeprecationMessage() {
+		return 'Support for scanning JavaScript files will be removed from PHP_CodeSniffer, so this sniff is no longer viable.';
+	}
 }

WordPressVIPMinimum/Sniffs/JS/StrippingTagsSniff.php

@@ -7,6 +7,7 @@
 
 namespace WordPressVIPMinimum\Sniffs\JS;
 
+use PHP_CodeSniffer\Sniffs\DeprecatedSniff;
 use PHP_CodeSniffer\Util\Tokens;
 use WordPressVIPMinimum\Sniffs\Sniff;
 
@@ -15,7 +16,7 @@
  *
  * Looks for incorrect way of stripping tags.
  */
-class StrippingTagsSniff extends Sniff {
+class StrippingTagsSniff extends Sniff implements DeprecatedSniff {
 
 	/**
 	 * A list of tokenizers this sniff supports.
@@ -70,4 +71,31 @@ public function process_token( $stackPtr ) {
 			$this->phpcsFile->addError( $message, $stackPtr, 'VulnerableTagStripping' );
 		}
 	}
+
+	/**
+	 * Provide the version number in which the sniff was deprecated.
+	 *
+	 * @return string
+	 */
+	public function getDeprecationVersion() {
+		return 'VIP-Coding-Standard v3.1.0';
+	}
+
+	/**
+	 * Provide the version number in which the sniff will be removed.
+	 *
+	 * @return string
+	 */
+	public function getRemovalVersion() {
+		return 'VIP-Coding-Standard v4.0.0';
+	}
+
+	/**
+	 * Provide a custom message to display with the deprecation.
+	 *
+	 * @return string
+	 */
+	public function getDeprecationMessage() {
+		return 'Support for scanning JavaScript files will be removed from PHP_CodeSniffer, so this sniff is no longer viable.';
+	}
 }

WordPressVIPMinimum/Sniffs/JS/WindowSniff.php

@@ -7,6 +7,7 @@
 
 namespace WordPressVIPMinimum\Sniffs\JS;
 
+use PHP_CodeSniffer\Sniffs\DeprecatedSniff;
 use PHP_CodeSniffer\Util\Tokens;
 use WordPressVIPMinimum\Sniffs\Sniff;
 
@@ -15,7 +16,7 @@
  *
  * Looks for instances of window properties that should be flagged.
  */
-class WindowSniff extends Sniff {
+class WindowSniff extends Sniff implements DeprecatedSniff {
 
 	/**
 	 * A list of tokenizers this sniff supports.
@@ -125,4 +126,31 @@ public function process_token( $stackPtr ) {
 		$message = 'Data from JS global "%s" may contain user-supplied values and should be sanitized before output to prevent XSS.';
 		$this->phpcsFile->addError( $message, $stackPtr, $nextNextToken, $data );
 	}
+
+	/**
+	 * Provide the version number in which the sniff was deprecated.
+	 *
+	 * @return string
+	 */
+	public function getDeprecationVersion() {
+		return 'VIP-Coding-Standard v3.1.0';
+	}
+
+	/**
+	 * Provide the version number in which the sniff will be removed.
+	 *
+	 * @return string
+	 */
+	public function getRemovalVersion() {
+		return 'VIP-Coding-Standard v4.0.0';
+	}
+
+	/**
+	 * Provide a custom message to display with the deprecation.
+	 *
+	 * @return string
+	 */
+	public function getDeprecationMessage() {
+		return 'Support for scanning JavaScript files will be removed from PHP_CodeSniffer, so this sniff is no longer viable.';
+	}
 }

WordPressVIPMinimum/ruleset.xml

@@ -9,7 +9,16 @@
 		 descriptive error message during the loading of the ruleset instead of
 		 a fatal "class not found" error once the sniffs start running.
 	-->
-	<rule ref="PHPCSUtils"/>
+	<rule ref="PHPCSUtils">
+		<!--
+		Exclude all JS specific sniffs. These are deprecated and should no longer be used.
+
+		Note: While this exclusion has nothing to do with PHPCSUtils, exclusions must be placed within a "rule"
+		and as all sniffs from WordPressVIPMinimum are automatically included, we don't have a WordPressVIPMinimum
+		rule in which to place the exclusion, so this will have to do for now.
+		-->
+		<exclude name="WordPressVIPMinimum.JS"/>
+	</rule>
 
 	<rule ref="Generic.PHP.Syntax"/>
 	<rule ref="Generic.PHP.NoSilencedErrors">