Merge pull request #62 from wp-cli/feature/use-phpcs

Implement CS checking based on the `WP_CLI_CS` ruleset

.distignore

@@ -6,6 +6,8 @@
 .travis.yml
 behat.yml
 circle.yml
+phpcs.xml.dist
+phpunit.xml.dist
 bin/
 features/
 utils/

.gitignore

@@ -6,3 +6,6 @@ vendor/
 *.tar.gz
 composer.lock
 *.log
+phpunit.xml
+phpcs.xml
+.phpcs.xml

checksum-command.php

@@ -4,9 +4,9 @@
 	return;
 }
 
-$autoload = dirname( __FILE__ ) . '/vendor/autoload.php';
-if ( file_exists( $autoload ) ) {
-	require_once $autoload;
+$wpcli_checksum_autoloader = dirname( __FILE__ ) . '/vendor/autoload.php';
+if ( file_exists( $wpcli_checksum_autoloader ) ) {
+	require_once $wpcli_checksum_autoloader;
 }
 
 WP_CLI::add_command( 'core', 'Core_Command_Namespace' );

composer.json

@@ -16,7 +16,7 @@
     },
     "require-dev": {
         "wp-cli/extension-command": "^1.2 || ^2",
-        "wp-cli/wp-cli-tests": "^2.0.7"
+        "wp-cli/wp-cli-tests": "^2.1"
     },
     "config": {
         "process-timeout": 7200,

phpcs.xml.dist

@@ -0,0 +1,64 @@
+<?xml version="1.0"?>
+<ruleset name="WP-CLI-checksum">
+	<description>Custom ruleset for WP-CLI checksum-command</description>
+
+	<!--
+	#############################################################################
+	COMMAND LINE ARGUMENTS
+	For help understanding this file: https://github.com/squizlabs/PHP_CodeSniffer/wiki/Annotated-ruleset.xml
+	For help using PHPCS: https://github.com/squizlabs/PHP_CodeSniffer/wiki/Usage
+	#############################################################################
+	-->
+
+	<!-- What to scan. -->
+	<file>.</file>
+
+	<!-- Show progress. -->
+	<arg value="p"/>
+
+	<!-- Strip the filepaths down to the relevant bit. -->
+	<arg name="basepath" value="./"/>
+
+	<!-- Check up to 8 files simultaneously. -->
+	<arg name="parallel" value="8"/>
+
+	<!--
+	#############################################################################
+	USE THE WP_CLI_CS RULESET
+	#############################################################################
+	-->
+
+	<rule ref="WP_CLI_CS"/>
+
+	<!--
+	#############################################################################
+	PROJECT SPECIFIC CONFIGURATION FOR SNIFFS
+	#############################################################################
+	-->
+
+	<!-- For help understanding the `testVersion` configuration setting:
+		 https://github.com/PHPCompatibility/PHPCompatibility#sniffing-your-code-for-compatibility-with-specific-php-versions -->
+	<config name="testVersion" value="5.4-"/>
+
+	<!-- Verify that everything in the global namespace is either namespaced or prefixed.
+		 See: https://github.com/WordPress-Coding-Standards/WordPress-Coding-Standards/wiki/Customizable-sniff-properties#naming-conventions-prefix-everything-in-the-global-namespace -->
+	<rule ref="WordPress.NamingConventions.PrefixAllGlobals">
+		<properties>
+			<property name="prefixes" type="array">
+				<element value="WP_CLI\Checksum"/><!-- Namespaces. -->
+				<element value="wpcli_checksum"/><!-- Global variables and such. -->
+			</property>
+		</properties>
+	</rule>
+
+	<!-- Exclude existing classes from the prefix rule as it would break BC to prefix them now. -->
+	<rule ref="WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedClassFound">
+		<exclude-pattern>*/src/(Plugin_|Core_)Command_Namespace\.php$</exclude-pattern>
+		<exclude-pattern>*/src/Checksum_(Plugin|Core|Base)_Command\.php$</exclude-pattern>
+	</rule>
+
+	<rule ref="WordPress.NamingConventions.PrefixAllGlobals.NonPrefixedNamespaceFound">
+		<exclude-pattern>*/src/WP_CLI/Fetchers/UnfilteredPlugin\.php$</exclude-pattern>
+	</rule>
+
+</ruleset>

src/Checksum_Base_Command.php

@@ -1,6 +1,6 @@
 <?php
 
-use \WP_CLI\Utils;
+use WP_CLI\Utils;
 
 /**
  * Base command that all checksum commands rely on.
@@ -27,10 +27,15 @@ public static function normalize_directory_separators( $path ) {
 	 *
 	 * @return mixed
 	 */
-	protected static function _read( $url ) {
+	protected static function _read( $url ) { // phpcs:ignore PSR2.Methods.MethodDeclaration.Underscore -- Could be used in classes extending this class.
 		$headers  = array( 'Accept' => 'application/json' );
-		$response = Utils\http_request( 'GET', $url, null, $headers,
-			array( 'timeout' => 30 ) );
+		$response = Utils\http_request(
+			'GET',
+			$url,
+			null,
+			$headers,
+			array( 'timeout' => 30 )
+		);
 		if ( 200 === $response->status_code ) {
 			return $response->body;
 		}
@@ -48,8 +53,10 @@ protected function get_files( $path ) {
 		$filtered_files = array();
 		try {
 			$files = new RecursiveIteratorIterator(
-				new RecursiveDirectoryIterator( $path,
-					RecursiveDirectoryIterator::SKIP_DOTS ),
+				new RecursiveDirectoryIterator(
+					$path,
+					RecursiveDirectoryIterator::SKIP_DOTS
+				),
 				RecursiveIteratorIterator::CHILD_FIRST
 			);
 			foreach ( $files as $file_info ) {

src/Checksum_Core_Command.php

@@ -1,6 +1,6 @@
 <?php
 
-use \WP_CLI\Utils;
+use WP_CLI\Utils;
 
 /**
  * Verifies core file integrity by comparing to published checksums.
@@ -9,19 +9,6 @@
  */
 class Checksum_Core_Command extends Checksum_Base_Command {
 
-	private function get_download_offer( $locale ) {
-		$out = unserialize( self::_read(
-			'https://api.wordpress.org/core/version-check/1.6/?locale=' . $locale ) );
-
-		$offer = $out['offers'][0];
-
-		if ( $offer['locale'] != $locale ) {
-			return false;
-		}
-
-		return $offer;
-	}
-
 	/**
 	 * Verifies WordPress files against WordPress.org's checksums.
 	 *
@@ -30,9 +17,9 @@ private function get_download_offer( $locale ) {
 	 *
 	 * For security, avoids loading WordPress when verifying checksums.
 	 *
-	 * If you experience issues verifying from this command, ensure you are 
-	 * passing the relevant `--locale` and `--version` arguments according to 
-	 * the values from the `Dashboard->Updates` menu in the admin area of the 
+	 * If you experience issues verifying from this command, ensure you are
+	 * passing the relevant `--locale` and `--version` arguments according to
+	 * the values from the `Dashboard->Updates` menu in the admin area of the
 	 * site.
 	 *
 	 * ## OPTIONS
@@ -67,7 +54,8 @@ private function get_download_offer( $locale ) {
 	 * @when before_wp_load
 	 */
 	public function __invoke( $args, $assoc_args ) {
-		global $wp_version, $wp_local_package;
+		$wp_version       = '';
+		$wp_local_package = '';
 
 		if ( ! empty( $assoc_args['version'] ) ) {
 			$wp_version = $assoc_args['version'];
@@ -78,16 +66,18 @@ public function __invoke( $args, $assoc_args ) {
 		}
 
 		if ( empty( $wp_version ) ) {
-			$details = self::get_wp_details();
+			$details    = self::get_wp_details();
 			$wp_version = $details['wp_version'];
 
 			if ( empty( $wp_local_package ) ) {
 				$wp_local_package = $details['wp_local_package'];
 			}
 		}
 
-		$checksums = self::get_core_checksums( $wp_version,
-			! empty( $wp_local_package ) ? $wp_local_package : 'en_US' );
+		$checksums = self::get_core_checksums(
+			$wp_version,
+			! empty( $wp_local_package ) ? $wp_local_package : 'en_US'
+		);
 
 		if ( ! is_array( $checksums ) ) {
 			WP_CLI::error( "Couldn't get checksums from WordPress.org." );
@@ -96,7 +86,7 @@ public function __invoke( $args, $assoc_args ) {
 		$has_errors = false;
 		foreach ( $checksums as $file => $checksum ) {
 			// Skip files which get updated
-			if ( 'wp-content' == substr( $file, 0, 10 ) ) {
+			if ( 'wp-content' === substr( $file, 0, 10 ) ) {
 				continue;
 			}
 
@@ -113,7 +103,7 @@ public function __invoke( $args, $assoc_args ) {
 			}
 		}
 
-		$core_checksums_files = array_filter( array_keys( $checksums ), array( $this, 'filter_file' ) );
+		$core_checksums_files = array_filter( array_keys( $checksums ), [ $this, 'filter_file' ] );
 		$core_files           = $this->get_files( ABSPATH );
 		$additional_files     = array_diff( $core_files, $core_checksums_files );
 
@@ -124,7 +114,7 @@ public function __invoke( $args, $assoc_args ) {
 		}
 
 		if ( ! $has_errors ) {
-			WP_CLI::success( "WordPress installation verifies against checksums." );
+			WP_CLI::success( 'WordPress installation verifies against checksums.' );
 		} else {
 			WP_CLI::error( "WordPress installation doesn't verify against checksums." );
 		}
@@ -160,13 +150,14 @@ private static function get_wp_details() {
 		if ( ! is_readable( $versions_path ) ) {
 			WP_CLI::error(
 				"This does not seem to be a WordPress install.\n" .
-				"Pass --path=`path/to/wordpress` or run `wp core download`." );
+				'Pass --path=`path/to/wordpress` or run `wp core download`.'
+			);
 		}
 
 		$version_content = file_get_contents( $versions_path, null, null, 6, 2048 );
 
-		$vars   = array( 'wp_version', 'wp_db_version', 'tinymce_version', 'wp_local_package' );
-		$result = array();
+		$vars   = [ 'wp_version', 'wp_db_version', 'tinymce_version', 'wp_local_package' ];
+		$result = [];
 
 		foreach ( $vars as $var_name ) {
 			$result[ $var_name ] = self::find_var( $var_name, $version_content );
@@ -195,15 +186,11 @@ private static function find_var( $var_name, $code ) {
 		}
 
 		$start = $start + strlen( $var_name ) + 3;
-		$end   = strpos( $code, ";", $start );
+		$end   = strpos( $code, ';', $start );
 
 		$value = substr( $code, $start, $end - $start );
 
-		if ( $value[0] = "'" ) {
-			return trim( $value, "'" );
-		} else {
-			return intval( $value );
-		}
+		return trim( $value, "'" );
 	}
 
 	/**
@@ -214,25 +201,24 @@ private static function find_var( $var_name, $code ) {
 	 * @return bool|array False on failure. An array of checksums on success.
 	 */
 	private static function get_core_checksums( $version, $locale ) {
-		$url = 'https://api.wordpress.org/core/checksums/1.0/?' . http_build_query( compact( 'version', 'locale' ), null, '&' );
+		$query = http_build_query( compact( 'version', 'locale' ), null, '&' );
+		$url   = "https://api.wordpress.org/core/checksums/1.0/?{$query}";
 
-		$options = array(
-			'timeout' => 30
-		);
+		$options = [ 'timeout' => 30 ];
 
-		$headers = array(
-			'Accept' => 'application/json'
-		);
+		$headers  = [ 'Accept' => 'application/json' ];
 		$response = Utils\http_request( 'GET', $url, null, $headers, $options );
 
-		if ( ! $response->success || 200 != $response->status_code )
+		if ( ! $response->success || 200 !== (int) $response->status_code ) {
 			return false;
+		}
 
 		$body = trim( $response->body );
 		$body = json_decode( $body, true );
 
-		if ( ! is_array( $body ) || ! isset( $body['checksums'] ) || ! is_array( $body['checksums'] ) )
+		if ( ! is_array( $body ) || ! isset( $body['checksums'] ) || ! is_array( $body['checksums'] ) ) {
 			return false;
+		}
 
 		return $body['checksums'];
 	}

src/Checksum_Plugin_Command.php

@@ -269,7 +269,8 @@ private function get_plugin_files( $path ) {
 	 */
 	private function check_file_checksum( $path, $checksums ) {
 		if ( $this->supports_sha256()
-		     && array_key_exists( 'sha256', $checksums ) ) {
+			&& array_key_exists( 'sha256', $checksums )
+		) {
 			$sha256 = $this->get_sha256( $this->get_absolute_path( $path ) );
 
 			return in_array( $sha256, (array) $checksums['sha256'], true );

src/WP_CLI/Fetchers/UnfilteredPlugin.php

@@ -26,9 +26,9 @@ class UnfilteredPlugin extends Base {
 	 */
 	public function get( $name ) {
 		foreach ( get_plugins() as $file => $_ ) {
-			if ( $file === "$name.php" ||
+			if ( "{$name}.php" === $file ||
 				( $name && $file === $name ) ||
-				( dirname( $file ) === $name && $name !== '.' ) ) {
+				( dirname( $file ) === $name && '.' !== $name ) ) {
 				return (object) compact( 'name', 'file' );
 			}
 		}