WordPress · mukeshpanchal27 · Apr 5, 2023 · Apr 3, 2023 · Apr 3, 2023 · Apr 4, 2023
diff --git a/admin/load.php b/admin/load.php
@@ -140,14 +140,17 @@ function perflab_render_modules_page_field( $module_slug, $module_data, $module_
 				<?php
 				if ( $module_data['experimental'] ) {
 					printf(
-						/* translators: %s: module name */
-						__( 'Enable %s <strong>(experimental)</strong>', 'performance-lab' ),
+						wp_kses(
+							/* translators: %s: module name */
+							__( 'Enable %s <strong>(experimental)</strong>', 'performance-lab' ),
+							array( 'strong' => array() )
+						),
 						esc_html( $module_data['name'] )
 					);
 				} else {
 					printf(
 						/* translators: %s: module name */
-						__( 'Enable %s', 'performance-lab' ),
+						esc_html__( 'Enable %s', 'performance-lab' ),
 						esc_html( $module_data['name'] )
 					);
 				}
@@ -173,7 +176,7 @@ function perflab_render_modules_page_field( $module_slug, $module_data, $module_
 				} else {
 					printf(
 						/* translators: %s: module name */
-						__( '%s is already part of your WordPress version and therefore cannot be loaded as part of the plugin.', 'performance-lab' ),
+						esc_html__( '%s is already part of your WordPress version and therefore cannot be loaded as part of the plugin.', 'performance-lab' ),
 						esc_html( $module_data['name'] )
 					);
 				}
@@ -250,7 +253,9 @@ function perflab_get_modules( $modules_root = null ) {
 
 	$modules      = array();
 	$module_files = array();
-	$modules_dir  = @opendir( $modules_root );
+	// PHPCS ignore reason: A modules directory is always present.
+	// phpcs:ignore WordPress.PHP.NoSilencedErrors.Discouraged
+	$modules_dir = @opendir( $modules_root );
 
 	// Modules are organized as {focus}/{module-slug} in the modules folder.
 	if ( $modules_dir ) {
@@ -265,6 +270,8 @@ function perflab_get_modules( $modules_root = null ) {
 				continue;
 			}
 
+			// PHPCS ignore reason: Only the focus area directory is allowed.
+			// phpcs:ignore WordPress.PHP.NoSilencedErrors.Discouraged
 			$focus_dir = @opendir( $modules_root . '/' . $focus );
 			if ( $focus_dir ) {
 				// phpcs:ignore WordPress.CodeAnalysis.AssignmentInCondition.FoundInWhileCondition
@@ -274,6 +281,8 @@ function perflab_get_modules( $modules_root = null ) {
 						continue;
 					}
 
+					// PHPCS ignore reason: Only the module directory is allowed.
+					// phpcs:ignore WordPress.PHP.NoSilencedErrors.Discouraged
 					$module_dir = @opendir( $modules_root . '/' . $focus . '/' . $file );
 					if ( $module_dir ) {
 						// phpcs:ignore WordPress.CodeAnalysis.AssignmentInCondition.FoundInWhileCondition

diff --git a/modules/images/dominant-color/hooks.php b/modules/images/dominant-color/hooks.php
@@ -236,6 +236,8 @@ function dominant_color_filter_content_tags( $content, $context = null ) {
  */
 function dominant_color_add_inline_style() {
 	$handle = 'dominant-color-styles';
+	// PHPCS ignore reason: Version not used since this handle is only registered for adding an inline style.
+	// phpcs:ignore WordPress.WP.EnqueuedResourceParameters.MissingVersion
 	wp_register_style( $handle, false );
 	wp_enqueue_style( $handle );
 	$custom_css = 'img[data-dominant-color]:not(.has-transparency) { background-color: var(--dominant-color); }';

diff --git a/modules/images/webp-uploads/hooks.php b/modules/images/webp-uploads/hooks.php
@@ -242,6 +242,8 @@ function webp_uploads_wp_get_missing_image_subsizes( $missing_sizes, $image_meta
 	 * @see wp_update_image_subsizes()
 	 * @see wp_get_missing_image_subsizes()
 	 */
+	// PHPCS ignore reason: Only the way to generate missing image subsize if all core sub-sizes have been generated.
+	// phpcs:ignore WordPress.PHP.DevelopmentFunctions.error_log_debug_backtrace
 	$trace = debug_backtrace( DEBUG_BACKTRACE_IGNORE_ARGS, 10 );
 
 	foreach ( $trace as $element ) {

diff --git a/modules/images/webp-uploads/image-edit.php b/modules/images/webp-uploads/image-edit.php
@@ -120,7 +120,10 @@ function ( $metadata, $post_meta_id ) use ( $post_id, $file_path, $mime_type, $e
 
 			$old_metadata = wp_get_attachment_metadata( $post_id );
 			$resize_sizes = array();
-			$target       = isset( $_REQUEST['target'] ) ? sanitize_key( $_REQUEST['target'] ) : 'all';
+			// PHPCS ignore reason: A nonce check is not necessary here as this logic directly ties in with WordPress core
+			// function `wp_ajax_image_editor()` which already has one.
+			// phpcs:ignore WordPress.Security.NonceVerification.Recommended
+			$target = isset( $_REQUEST['target'] ) ? sanitize_key( $_REQUEST['target'] ) : 'all';
 
 			foreach ( $old_metadata['sizes'] as $size_name => $size_details ) {
 				// If the target is 'nothumb', skip generating the 'thumbnail' size.
@@ -237,6 +240,8 @@ function ( $metadata, $post_meta_id ) use ( $post_id, $file_path, $mime_type, $e
  * @return array The updated metadata for the attachment to be stored in the meta table.
  */
 function webp_uploads_update_attachment_metadata( $data, $attachment_id ) {
+	// PHPCS ignore reason: Update the attachment's metadata by either restoring or editing it.
+	// phpcs:ignore WordPress.PHP.DevelopmentFunctions.error_log_debug_backtrace
 	$trace = debug_backtrace( DEBUG_BACKTRACE_IGNORE_ARGS, 10 );
 
 	foreach ( $trace as $element ) {
@@ -272,6 +277,9 @@ function webp_uploads_update_attachment_metadata( $data, $attachment_id ) {
  * @return array The updated metadata for the attachment.
  */
 function webp_uploads_backup_sources( $attachment_id, $data ) {
+	// PHPCS ignore reason: A nonce check is not necessary here as this logic directly ties in with WordPress core
+	// function `wp_ajax_image_editor()` which already has one.
+	// phpcs:ignore WordPress.Security.NonceVerification.Recommended
 	$target = isset( $_REQUEST['target'] ) ? sanitize_key( $_REQUEST['target'] ) : 'all';
 
 	// When an edit to an image is only applied to a thumbnail there's nothing we need to back up.

diff --git a/phpcs.xml.dist b/phpcs.xml.dist
@@ -5,8 +5,12 @@
 	<rule ref="PHPCompatibility"/>
 	<config name="testVersion" value="5.6-"/>
 
-	<rule ref="WordPress-Core"/>
 	<rule ref="WordPress-Docs"/>
+	<rule ref="WordPress-Extra">
+		<exclude-pattern>tests/*</exclude-pattern>
+		<!-- TODO The SQLite module generates a lot of notices and errors, so it will be covered later. -->
+		<exclude-pattern>modules/database/sqlite/*</exclude-pattern>
+	</rule>
 	<rule ref="WordPress.WP.I18n"/>
 	<config name="text_domain" value="performance-lab,default"/>
 
@@ -68,4 +72,9 @@
 	<rule ref="PHPCompatibility.FunctionDeclarations.NewReturnTypeDeclarations.boolFound">
 		<exclude-pattern>tests/utils/*</exclude-pattern>
 	</rule>
+	<!--
+	Prevent errors caused by WordPress Coding Standards not supporting PHP 8.0+.
+	See https://github.com/WordPress/WordPress-Coding-Standards/issues/2035
+	-->
+	<ini name="error_reporting" value="E_ALL &#38; ~E_DEPRECATED" />
 </ruleset>