Skip to content

codesniffer: Add Jetpack.Functions.EscJs sniff #46243

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
anomiex merged 3 commits into from
Dec 11, 2025
Merged

codesniffer: Add Jetpack.Functions.EscJs sniff #46243

anomiex merged 3 commits into from
Dec 11, 2025

Conversation

@anomiex
Copy link
Contributor

@anomiex anomiex commented Dec 9, 2025
edited by robertsreberski
Loading

Closes MONOREP-285

Proposed changes:

WordPress's esc_js() function is a legacy of pre-PHP-5.2 days which does some odd things to the input. In modern code, it will be better to use esc_attr() and/or wp_json_encode().

Now that most existing uses are cleaned up, add a sniff to discourage future use. A few files with remaining uses are added to tools/phpcs-excludelist.json.

Other information:

  • Have you written new tests for your changes, if applicable?
  • Have you checked the E2E test CI results, and verified that your changes do not break them?
  • Have you tested your changes on WordPress.com, if applicable (if so, you'll see a generated comment below with a script to run)?

Jetpack product discussion

Followup to #46229

Does this pull request change what data or activity we track or use?

No

Testing instructions:

  • CI happy?
  • Try adding new calls to esc_js(). Are they caught?

@anomiex
codesniffer: Add Jetpack.Functions.EscJs sniff
50bf94f 
WordPress's `esc_js()` function is a legacy of pre-PHP-5.2 days which
does some odd things to the input. In modern code, it will be better to
use `esc_attr()` and/or `wp_json_encode()`.

Now that most existing uses are cleaned up, add a sniff to discourage
future use. A few files with remaining uses are added to
`tools/phpcs-excludelist.json`.
@anomiex anomiex requested a review from a team December 9, 2025 18:05
@anomiex anomiex self-assigned this Dec 9, 2025
@anomiex anomiex added [Type] Enhancement Changes to an existing feature — removing, adding, or changing parts of it [Status] Needs Review This PR is ready for review. [Pri] Normal labels Dec 9, 2025
@github-actions
Copy link
Contributor

github-actions bot commented Dec 9, 2025

Thank you for your PR!

When contributing to Jetpack, we have a few suggestions that can help us test and review your patch:

  • ✅ Include a description of your PR changes.
  • ✅ Add a "[Status]" label (In Progress, Needs Review, ...).
  • ✅ Add a "[Type]" label (Bug, Enhancement, Janitorial, Task).
  • ✅ Add testing instructions.
  • ✅ Specify whether this PR includes any changes to data or privacy.
  • ✅ Add changelog entries to affected projects

This comment will be updated as you work on your PR and make changes. If you think that some of those checks are not needed for your PR, please explain why you think so. Thanks for cooperation 🤖

Follow this PR Review Process:

  1. Ensure all required checks appearing at the bottom of this PR are passing.
  2. Make sure to test your changes on all platforms that it applies to. You're responsible for the quality of the code you ship.
  3. You can use GitHub's Reviewers functionality to request a review.
  4. When it's reviewed and merged, you will be pinged in Slack to deploy the changes to WordPress.com simple once the build is done.

If you have questions about anything, reach out in #jetpack-developers for guidance!

@jp-launch-control
Copy link

jp-launch-control bot commented Dec 9, 2025
edited
Loading

Code Coverage Summary

1 file is newly checked for coverage.

File Coverage
projects/packages/codesniffer/Jetpack/Sniffs/Functions/EscJsSniff.php 10/10 (100.00%) 💚

Full summary · PHP report · JS report

@github-actions
Copy link
Contributor

github-actions bot commented Dec 11, 2025
edited
Loading

Are you an Automattician? Please test your changes on all WordPress.com environments to help mitigate accidental explosions.

  • To test on WoA, go to the Plugins menu on a WoA dev site. Click on the "Upload" button and follow the upgrade flow to be able to upload, install, and activate the Jetpack Beta plugin. Once the plugin is active, go to Jetpack > Jetpack Beta, select your plugin (Jetpack), and enable the add/codesniffer-esc_js-sniff branch.
  • To test on Simple, run the following command on your sandbox:
bin/jetpack-downloader test jetpack add/codesniffer-esc_js-sniff

Interested in more tips and information?

  • In your local development environment, use the jetpack rsync command to sync your changes to a WoA dev blog.
  • Read more about our development workflow here: PCYsg-eg0-p2
  • Figure out when your changes will be shipped to customers here: PCYsg-eg5-p2

@anomiex anomiex merged commit ca4a682 into trunk Dec 11, 2025
68 checks passed
@anomiex anomiex deleted the add/codesniffer-esc_js-sniff branch December 11, 2025 19:36
@github-actions github-actions bot removed the [Status] Needs Review This PR is ready for review. label Dec 11, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@anomiex anomiex

Labels

Docs [Feature] Contact Form [Package] Codesniffer [Package] Forms [Pri] Normal [Tests] Includes Tests [Type] Enhancement Changes to an existing feature — removing, adding, or changing parts of it

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@anomiex