Detect possible updater file inside vendor folder #651

Closed
2 changes: 1 addition & 1 deletion .gitignore
Expand Up @@ -28,7 +28,7 @@ build
############

node_modules/
vendor/
/vendor/
build-cs/vendor/
build-cs/composer.lock
build-phpunit/vendor/
16 changes: 15 additions & 1 deletion includes/Checker/Checks/Plugin_Repo/Plugin_Updater_Check.php
Expand Up @@ -134,8 +134,22 @@ protected function look_for_update_uri_header( Check_Result $result ) {
* @param array $php_files List of absolute PHP file paths.
*/
protected function look_for_updater_file( Check_Result $result, array $php_files ) {
// Possible extra files which are not included in default files list.
$updater_files = array(
'vendor/yahnis-elsts/plugin-update-checker/plugin-update-checker.php',
'vendor/plugin-update-checker/plugin-update-checker.php',
'vendor/kernl/kernl-update-checker/kernl-update-checker.php',
);
Comment on lines +138 to +142
Member


Have we received any reports of similar issues?

In my opinion, we don't need to address plugin-specific issues at this time. Instead, I suggest we wait and see if more similar bugs are reported. If we observe a pattern, we can explore possible solutions then.


$plugin_path = $result->plugin()->path();

foreach ( $updater_files as $updater_file ) {
if ( file_exists( $plugin_path . $updater_file ) ) {
$php_files[] = $plugin_path . $updater_file;
}
}

$plugin_update_files = self::filter_files_by_regex( $php_files, '/plugin-update-checker\.php$/' );
$plugin_update_files = self::filter_files_by_regex( $php_files, '/(plugin|kernl)-update-checker\.php$/' );

if ( $plugin_update_files ) {
foreach ( $plugin_update_files as $file ) {
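Review bot: The `$updater_files` list matches three exact paths, so the check only finds a bundled updater when it sits at one of those locations; the same library under any other directory or package name below `vendor/` never reaches `filter_files_by_regex()` and is not reported. Because the regex on the following line already identifies the file by name, collecting the PHP files under `vendor/` and letting the regex decide would close that gap without a path list to maintain. Two smaller points in the added loop: `file_exists()` is also true for a directory, so `is_file()` is the tighter test, and `$plugin_path . $updater_file` relies on `path()` returning a trailing slash, which is not visible here. If `$php_files` can already contain these paths, `array_unique()` before filtering avoids reporting the same file twice. The body of `look_for_updater_file()` continues past the end of the hunk.

```php
// … unchanged: $plugin_path = $result->plugin()->path(); …
$vendor_dir = $plugin_path . 'vendor';

if ( is_dir( $vendor_dir ) ) {
	$iterator = new \RecursiveIteratorIterator(
		new \RecursiveDirectoryIterator( $vendor_dir, \FilesystemIterator::SKIP_DOTS )
	);

	foreach ( $iterator as $file ) {
		// Only regular PHP files; the name filter below decides which ones are updaters.
		if ( $file->isFile() && 'php' === $file->getExtension() ) {
			$php_files[] = $file->getPathname();
		}
	}
}

// Guard against double reporting when a path is already in the incoming list.
$php_files = array_unique( $php_files );
// … unchanged: filter_files_by_regex() call and the loop over $plugin_update_files …
```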
@@ -0,0 +1,16 @@
<?php
/**
* Plugin Name: Test Plugin Updater File Inside Vendor Errors for Plugin Check
* Plugin URI: https://github.com/WordPress/plugin-check
* Description: Some plugin description.
* Requires at least: 6.0
* Requires PHP: 5.6
* Version: 1.0.0
* Author: WordPress Performance Team
* Author URI: https://make.wordpress.org/performance/
* License: GPLv2 or later
* License URI: https://www.gnu.org/licenses/old-licenses/gpl-2.0.html
* Text Domain: test-plugin-updater-file-errors
*
* @package test-plugin-updater-file-errors
*/
@@ -0,0 +1,3 @@
<?php

// File for plugin-update-checker
19 changes: 13 additions & 6 deletions tests/phpunit/tests/Checker/Checks/Plugin_Updater_Check_Tests.php
Expand Up @@ -44,42 +44,49 @@ public function test_run_with_plugin_updater_errors( $type_flag, $plugin_basenam

public function data_plugin_updater_check() {
return array(
'Update URI Header' => array(
'Update URI Header' => array(
Plugin_Updater_Check::TYPE_PLUGIN_UPDATE_URI_HEADER,
'test-plugin-update-uri-header-errors/load.php',
'load.php',
'plugin_updater_detected',
true,
),
'Updater File' => array(
'Updater File' => array(
Plugin_Updater_Check::TYPE_PLUGIN_UPDATER_FILE,
'test-plugin-updater-file-errors/load.php',
'plugin-update-checker.php',
'plugin_updater_detected',
true,
),
'Plugin Updaters' => array(
'Updater File Inside Vendor' => array(
Plugin_Updater_Check::TYPE_PLUGIN_UPDATER_FILE,
'test-plugin-updater-file-inside-vendor-errors/load.php',
'vendor/yahnis-elsts/plugin-update-checker/plugin-update-checker.php',
'plugin_updater_detected',
true,
),
'Plugin Updaters' => array(
Plugin_Updater_Check::TYPE_PLUGIN_UPDATERS,
'test-plugin-updaters-errors/load.php',
'load.php',
'plugin_updater_detected',
true,
),
'Plugin Updaters Regex' => array(
'Plugin Updaters Regex' => array(
Plugin_Updater_Check::TYPE_PLUGIN_UPDATERS,
'test-plugin-updaters-regex-errors/load.php',
'load.php',
'plugin_updater_detected',
true,
),
'Updater Routines' => array(
'Updater Routines' => array(
Plugin_Updater_Check::TYPE_PLUGIN_UPDATER_ROUTINES,
'test-plugin-updater-routines-errors/load.php',
'load.php',
'update_modification_detected',
false,
),
'Updater Routines Regex' => array(
'Updater Routines Regex' => array(
Plugin_Updater_Check::TYPE_PLUGIN_UPDATER_ROUTINES,
'test-plugin-updater-routines-regex-errors/load.php',
'load.php',
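Review bot: The new 'Updater File Inside Vendor' data set covers only the `vendor/yahnis-elsts/...` path, so the other two entries added to `$updater_files` and the `kernl` branch of the widened regex `/(plugin|kernl)-update-checker\.php$/` have no test. A change that drops either of them would still pass this suite. A second data set with its own fixture plugin would pin the Kernl case; the fixture directory name below is a placeholder, not an existing fixture. `data_plugin_updater_check()` continues past the end of the hunk.

```php
// … unchanged: 'Updater File Inside Vendor' data set …
'Kernl Updater File Inside Vendor' => array(
	Plugin_Updater_Check::TYPE_PLUGIN_UPDATER_FILE,
	// Placeholder fixture name; the fixture plugin would have to be added alongside.
	'test-plugin-kernl-updater-file-inside-vendor-errors/load.php',
	'vendor/kernl/kernl-update-checker/kernl-update-checker.php',
	'plugin_updater_detected',
	true,
),
// … unchanged: 'Plugin Updaters' and the remaining data sets …
```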