@@ -44,12 +44,85 @@ jobs:
4444 if : always()
4545 run : |
4646 RESULTS_FILE="${RUNNER_TEMP}/plugin-check-results.txt"
47+
4748 echo "## WordPress Plugin Check Results" >> $GITHUB_STEP_SUMMARY
48- if [ -s "$RESULTS_FILE" ]; then
49+ echo "" >> $GITHUB_STEP_SUMMARY
50+
51+ if [ ! -s "$RESULTS_FILE" ]; then
52+ echo "No results file found or file is empty." >> $GITHUB_STEP_SUMMARY
53+ echo "Check the action logs for details." >> $GITHUB_STEP_SUMMARY
54+ exit 0
55+ fi
56+
57+ # === HIGH RISK: Issues that can get your plugin closed or suspended ===
58+ echo "### 🚨 HIGH RISK — Can cause plugin closure or suspension" >> $GITHUB_STEP_SUMMARY
59+ echo "" >> $GITHUB_STEP_SUMMARY
60+
61+ HIGH_RISK_PATTERNS=(
62+ "Plugin Updater detected"
63+ "Missing.*License.*Plugin Header"
64+ "restricted term"
65+ "trademarked_term"
66+ "trademarks"
67+ "Unescaped parameter.*\\$wpdb"
68+ "Use placeholders and.*\\$wpdb->prepare"
69+ "code_obfuscation"
70+ "plugin_updater"
71+ "no_unfiltered_uploads"
72+ )
73+
74+ HIGH_RISK_REGEX=$(IFS='|'; echo "${HIGH_RISK_PATTERNS[*]}")
75+ HIGH_RISK_FOUND=$(grep -iE "$HIGH_RISK_REGEX" "$RESULTS_FILE" || true)
76+
77+ if [ -n "$HIGH_RISK_FOUND" ]; then
4978 echo '```' >> $GITHUB_STEP_SUMMARY
50- cat "$RESULTS_FILE" >> $GITHUB_STEP_SUMMARY
79+ echo "$HIGH_RISK_FOUND" | sort -u >> $GITHUB_STEP_SUMMARY
5180 echo '```' >> $GITHUB_STEP_SUMMARY
5281 else
53- echo "No results file found or file is empty." >> $GITHUB_STEP_SUMMARY
54- echo "Check the annotations on the Files Changed tab for details." >> $GITHUB_STEP_SUMMARY
82+ echo "✅ No high-risk issues found." >> $GITHUB_STEP_SUMMARY
5583 fi
84+
85+ echo "" >> $GITHUB_STEP_SUMMARY
86+
87+ # === MEDIUM RISK: Issues wordpress.org reviews flag ===
88+ echo "### ⚠️ MEDIUM RISK — Commonly flagged in wordpress.org reviews" >> $GITHUB_STEP_SUMMARY
89+ echo "" >> $GITHUB_STEP_SUMMARY
90+
91+ MEDIUM_RISK_PATTERNS=(
92+ "missing_direct_file_access_protection"
93+ "trunk_stable_tag"
94+ "mismatched_plugin_name"
95+ "Missing.*\\$domain.*parameter"
96+ "has been deprecated"
97+ "wp_get_sites"
98+ "curl_curl_"
99+ "WordPress.WP.AlternativeFunctions"
100+ "application_detected"
101+ )
102+
103+ MEDIUM_RISK_REGEX=$(IFS='|'; echo "${MEDIUM_RISK_PATTERNS[*]}")
104+ MEDIUM_RISK_FOUND=$(grep -iE "$MEDIUM_RISK_REGEX" "$RESULTS_FILE" || true)
105+
106+ if [ -n "$MEDIUM_RISK_FOUND" ]; then
107+ echo '```' >> $GITHUB_STEP_SUMMARY
108+ echo "$MEDIUM_RISK_FOUND" | sort -u >> $GITHUB_STEP_SUMMARY
109+ echo '```' >> $GITHUB_STEP_SUMMARY
110+ else
111+ echo "✅ No medium-risk issues found." >> $GITHUB_STEP_SUMMARY
112+ fi
113+
114+ echo "" >> $GITHUB_STEP_SUMMARY
115+
116+ # === ALL OTHER ISSUES (collapsed) ===
117+ TOTAL=$(wc -l < "$RESULTS_FILE" | tr -d ' ')
118+ HIGH_COUNT=$(echo "$HIGH_RISK_FOUND" | grep -c '.' || echo "0")
119+ MEDIUM_COUNT=$(echo "$MEDIUM_RISK_FOUND" | grep -c '.' || echo "0")
120+ OTHER_COUNT=$((TOTAL - HIGH_COUNT - MEDIUM_COUNT))
121+
122+ echo "<details>" >> $GITHUB_STEP_SUMMARY
123+ echo "<summary>📋 Other issues ($OTHER_COUNT) — click to expand</summary>" >> $GITHUB_STEP_SUMMARY
124+ echo "" >> $GITHUB_STEP_SUMMARY
125+ echo '```' >> $GITHUB_STEP_SUMMARY
126+ grep -ivE "$HIGH_RISK_REGEX|$MEDIUM_RISK_REGEX" "$RESULTS_FILE" >> $GITHUB_STEP_SUMMARY || true
127+ echo '```' >> $GITHUB_STEP_SUMMARY
128+ echo "</details>" >> $GITHUB_STEP_SUMMARY
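Review bot: The two `$wpdb` entries in HIGH_RISK_PATTERNS (new lines 67-68) are double-quoted, so bash turns `\\$wpdb` into a backslash followed by the expansion of an unset `wpdb` variable; the first entry then ends in `\`, which escapes the `|` added by the join, and neither SQL-injection pattern matches as intended. Those findings would fall into the collapsed "Other issues" block while the summary prints "No high-risk issues found"; single-quote the entries, e.g. `'Unescaped parameter.*\$wpdb'` and `'Use placeholders and.*\$wpdb->prepare'` (the `\\$domain` entry on line 95 has the same quoting problem). Separately, on lines 118-119 `grep -c '.' || echo "0"` yields `0` twice when nothing matched, because grep -c prints 0 and also exits 1, so the arithmetic on line 120 likely fails in exactly the clean case; `OTHER_COUNT=$(grep -civE "$HIGH_RISK_REGEX|$MEDIUM_RISK_REGEX" "$RESULTS_FILE" || true)` would count the same lines that are printed. The step this script belongs to starts above the hunk.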