Skip to content

Version 1.7.0

Latest
Latest

Choose a tag to compare

View all tags
@davidperezgar davidperezgar released this 07 Nov 16:16
· 86 commits to trunk since this release
1.7.0
1304783
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
  • Enhancement - Add Minified File Detection Check to identify and handle minified files in plugins.
  • Enhancement - Implement check for insecure use of wp_verify_nonce() to improve security validation.
  • Enhancement - Add direct database query sniff to detect direct database calls without using WordPress functions.
  • Enhancement - Add prefixing check to ensure proper function and class name prefixing.
  • Enhancement - Update localhost sniff regex to improve detection of localhost URLs including *.local domains.
  • Enhancement - Disallow runtime checks when custom user table constants are defined for better compatibility.
  • Enhancement - Add forbidden functions check to detect usage of disallowed PHP functions.
  • Enhancement - New check for wp_safe_redirect to encourage use of WordPress safe redirect function.
  • Enhancement - Improve mismatched text domain check for better internationalization validation.
  • Enhancement - Detect links that request five-star reviews to enforce plugin directory guidelines.
  • Enhancement - Add The Unlicense to GPL-compatible license check.
  • Enhancement - Improve localhost sniff code for more accurate detection.
  • Fix - Ignore vendor_prefixed and vendor-prefixed folders in checks to prevent false positives.
  • Fix - Handle possible empty element in scanner to prevent PHP warnings.
  • Fix - Hide error output in scanner for cleaner output.
  • Fix - Call ReflectionProperty::setAccessible() only in older PHP versions for better PHP 8.1+ compatibility.
  • Fix - Prevent deletion of custom WordPress tables during cleanup in test environment.
Assets 3
Loading