PHPackages jrfnl/qawpprojects - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Testing & Quality](/categories/testing) 4. / 5. jrfnl/qawpprojects ActivePhpcodesniffer-standard[Testing & Quality](/categories/testing) jrfnl/qawpprojects ================== A set of PHP Codesniffer standards which can be used to check the code quality of WordPress projects. 1.0.1(6y ago)18362MITPHPPHP >=5.4 Since Nov 24Pushed 5y ago6 watchersCompare [ Source](https://github.com/jrfnl/QA-WP-Projects)[ Packagist](https://packagist.org/packages/jrfnl/qawpprojects)[ RSS](/packages/jrfnl-qawpprojects/feed)WikiDiscussions master Synced yesterday READMEChangelog (6)Dependencies (5)Versions (7)Used By (0) Using PHP Codesniffer for QA reviews of WordPress projects ========================================================== [](#using-php-codesniffer-for-qa-reviews-of-wordpress-projects) [![Build Status](https://camo.githubusercontent.com/e0e997eef98af4c8ba5c8848e198ec9dc56a743c79bbfdbd2dd25f37315f7e81/68747470733a2f2f7472617669732d63692e6f72672f6a72666e6c2f51412d57502d50726f6a656374732e706e673f6272616e63683d6d6173746572)](https://travis-ci.org/jrfnl/QA-WP-Projects) - [Introduction](#introduction) - [Talks](#talks) - [Installation](#installation) - [Using the installed rulesets](#using-the-installed-rulesets) - [Reviewing WordPress plugins and themes](#reviewing-wordpress-plugins-and-themes) - [Before running the tool](#before-running-the-tool) - [How to run ?](#how-to-run-) - [How to interpret the results ?](#how-to-interpret-the-results-) - [License](#license) Introduction ------------ [](#introduction) This project primarily was created as an example / proof of concept for talks about how to use a variety of PHPCS rules and standards to get an indication of code quality for WordPress plugins and themes. As a secondary use-case, this project can be used to install all relevant WordPress related [PHP\_CodeSniffer](https://github.com/squizlabs/PHP_CodeSniffer) rulesets in one go. ***Note: This repository will not be actively maintained.*** Talks ----- [](#talks) Presentations which feature this repo: DateEventSlidesVideoDec 2019WP Leiden meetup[Slides](https://speakerdeck.com/jrf/your-code-can-be-poetry-too)Mar 2018WordCamp Rotterdam[Slides](https://speakerdeck.com/jrf/leveraging-the-wordpress-coding-standards-to-review-plugins-and-themes-1)[Video](https://wordpress.tv/2018/04/18/juliette-reinders-folmer-leveraging-the-wordpress-coding-standards-to-review-plugins-and-themes/)Nov 2017WordCamp Utrecht[Slides](https://speakerdeck.com/jrf/leveraging-the-wordpress-coding-standards-to-review-plugins-and-themes)[Video](https://wordpress.tv/2018/01/05/juliette-reinders-folmer-leveraging-the-wordpress-coding-standards-to-review/)Sep 2017WP Fryslân meetup[Slides](https://speakerdeck.com/jrf/for-non-developers)Installation ------------ [](#installation) ### Requirements [](#requirements) - PHP 5.4+. - [Composer](https://getcomposer.org/download/) ### Installation for a specific project [](#installation-for-a-specific-project) > #### About project based installation: > > [](#about-project-based-installation) > > Using this method, the tooling will only be available to that specific project. > > **Pros**: Using a project based install, you document what tooling the project uses and make it easy for other contributors to the project to install that tooling. > > **Cons:** For each additional project, you will need to do the installation again. From the project root, run the following command: ``` composer require --dev jrfnl/qawpprojects ``` The PHP\_CodeSniffer command will now be available from the project root as `vendor/bin/phpcs`. To update the install in the future, run the following command from the project root: ``` composer update jrfnl/qawpprojects --with-dependencies ``` ### Global installation [](#global-installation) > #### About global installation: > > [](#about-global-installation) > > Using this method, the tooling will be available from anywhere on your system. > > **Pros**: You only need to install it once. > > **Cons:** If you use the tooling for your projects and the projects are open to other contributors, it will be unclear what tooling you expect them to use. Run the following command from anywhere on your system: ``` composer global require --dev jrfnl/qawpprojects ``` Make sure the Composer "home" `vendor/bin` directory is in your system path. To find out what the Composer "home" directory is, run `composer config --list --global` and see what's listed under `home`. Take that directory, add `/vendor/bin` to it and make sure it's in your operating system's `$PATH` variable. The PHP\_CodeSniffer command will now be available from anywhere on your computer as `phpcs`. To update the install in the future, run the following command from anywhere on your system: ``` composer global update jrfnl/qawpprojects --with-dependencies ``` ### Verify the install succeeded [](#verify-the-install-succeeded) Once the installation is finished, run the following command to verify the installation was succesfull: ``` # For a project based install: vendor/bin/phpcs -i # For a global install: phpcs -i ``` The output should look like this: ``` The installed coding standards are MySource, PEAR, PSR1, PSR12, PSR2, Squiz, Zend, WP-QA-Basic, WP-QA-Strict, PHPCompatibility, PHPCompatibilityParagonieRandomCompat, PHPCompatibilityParagonieSodiumCompat, PHPCompatibilityWP, WordPress, WordPress-Core, WordPress-Docs, WordPress-Extra and WPThemeReview ``` Using the installed rulesets ---------------------------- [](#using-the-installed-rulesets) After installation, you can use any of the above listed PHPCS rulesets, or a combination of them, for your projects. - `WordPress-Core` checks code based on the code-style and best practice guidelines described in the [WordPress PHP Coding Standards Handbook](https://make.wordpress.org/core/handbook/best-practices/coding-standards/php/). - `WordPress-Docs` checks code documentation based on the guidelines described in the [WordPress PHP Documentation Standards Handbook](https://make.wordpress.org/core/handbook/best-practices/inline-documentation-standards/php/). - `WordPress-Extra` is `WordPress-Core` + extra checks for common best practices, both for code in general, as well as WordPress specific best practices. - `WordPress` is a combination of the above three rulesets. For plugins and themes, using either `WordPress` or `WordPress-Extra` is recommended. - [`PHPCompatibilityWP`](https://github.com/PHPCompatibility/PHPCompatibilityWP) checks code for being PHP cross-version compatible while preventing false positives for PHP features polyfilled in WordPress itself. This is the recommended PHPCompatibility ruleset to use for WordPress projects. The other PHPCompatibility rulesets listed are included in this ruleset. - [`WPThemeReview`](https://github.com/WPTRT/WPThemeReview) is specifically for WordPress themes and checks the code against the guidelines for submission to the Theme repository on wordpress.org as described in the [Theme Handbook](https://make.wordpress.org/themes/handbook/review/) It is strongly recommended to document the settings you use in a custom ruleset and to add some minimal sniff configuration for optimal results. An example ruleset which you can place in the root of your project, including documentation on what you should adjust, can be found in the [sample-project-ruleset](https://github.com/jrfnl/QA-WP-Projects/tree/master/sample-project-ruleset) directory. Reviewing WordPress plugins and themes -------------------------------------- [](#reviewing-wordpress-plugins-and-themes) This repository comes with two native rulesets - `WP-QA-Basic` and `WP-QA-Strict` - which are specifically intended for reviewing WordPress plugins and themes without much knowledge of code. These rulesets do not look at the code style consistency of code. They will only evaluate whether code is well documented, tested and whether there are any code quality issues detected. When you run either of these rulesets over a project, a customized report will be displayed to give you a [fingerspitzengefuhl](https://en.wikipedia.org/wiki/Fingerspitzengef%C3%BChl) of the code quality of a project. ### Before running the tool [](#before-running-the-tool) To use this tool to review WordPress plugins and themes, the tool needs a little bit of information about the plugin/theme you want to review. - Download the plugin/theme and unzip it. - Check with your webhost on which **version of PHP** the site for which you want to use the plugin/theme is running. - Open the `readme.txt` file in the root of the plugin/theme directory and check what the **minimum supported WP version** is for the plugin/theme. - Open the plugin main file or the theme `functions.php` file and check if it has a `Text Domain: my-plugin` header. If it has, make a note of the text domain. Otherwise, use the plugin/theme slug. - "Guess" the prefixes the plugin/theme will use. Often this is the plugin/theme slug or an acronym based on the plugin/theme slug. For instance for `bbPress`, the prefix might be (and is): `bbp`. ### How to run ? [](#how-to-run-) Run the tool from the project root like so (command based on global install): ``` phpcs . --standard=WP-QA-Basic --basepath=./ --runtime-set testVersion 5.6- --runtime-set minimum_supported_wp_version 4.5 --runtime-set prefixes plugin_prefix,plugin_acronym --ignore=*/node-modules/* --runtime-set text_domain plugin-slug ``` *⚠️ Do replace the various values in the command with the values you looked up in the previous step.* The output will look something like this: ``` WORDPRESS PROJECT QA REPORT ==================================================================================================== This report highlights potential problem areas in the scanned code. It is advisable to let an experienced developer assess whether the highlighted issues are actually problematic. This report is intended solely as soft advise, not as a hard judgement. ---------------------------------------------------------------------------------------------------- ==================================================================================================== GENERAL INFORMATION ABOUT THE ANALYSED CODE BASE. ==================================================================================================== File Type | Files | Lines * | Code | Comments ------------------------------------------------------------------------------ plugin | 272 | 90640 | 57752 (63.7%) | 33160 (36.6%) test | 31 | 202 | 174 (86.1%) | 59 (29.2%) vendor | 0 | 0 | | ============================================================================== Totals | 303 | 90842 | 57926 (63.8%) | 33219 (36.6%) * These stats exclude all blank lines. ==================================================================================================== ISSUES FOUND PER CATEGORY * ==================================================================================================== PLUGIN FILES | Errors | % of LOC | Warnings | % of LOC ------------------------------------------------------------------------ hard errors | 1 | 0.00% | - | dangerous code | 2 | 0.00% | - | untestable code | 32 | 0.04% | 55 | 0.06% outdated code | - | | 3 | 0.00% messy code | - | | 32 | 0.04% incompatible code - PHP | 75 | 0.08% | 2 | 0.00% incompatible code - WP | - | | - | potentially conflicting code | 173 | 0.19% | 24 | 0.03% ======================================================================== Total | 283 | 0.31% | 116 | 0.13% TEST FILES | Errors | % of LOC | Warnings | % of LOC ------------------------------------------------------------------------ hard errors | - | | - | dangerous code | - | | - | untestable code | - | | - | outdated code | - | | - | messy code | - | | - | incompatible code - PHP | - | | 1 | 0.50% incompatible code - WP | - | | - | potentially conflicting code | 9 | 4.46% | - | ======================================================================== Total | 9 | 4.46% | 1 | 0.50% ---------------------------------------------------------------------------------------------------- ``` > 💡 **Pro-tip** > > Use a custom ruleset instead of this long command. See the [sample-project-ruleset](https://github.com/jrfnl/QA-WP-Projects/tree/master/sample-project-ruleset) for a starting point and replace `` in the `Set the rules` section with the `WP-QA` ruleset you want to use. > > Once you have a custom ruleset set up, the command simply becomes: > > ``` > vendor/bin/phpcs > ``` ### How to interpret the results ? [](#how-to-interpret-the-results-) If the resulting report is a mystery to you, I'd recommend watching the [video](https://wordpress.tv/2018/04/18/juliette-reinders-folmer-leveraging-the-wordpress-coding-standards-to-review-plugins-and-themes/) from the talk at WordCamp Rotterdam to hear how to interpret the results. License ------- [](#license) This code is released under the [MIT License](LICENSE). ### Health Score 30 — LowBetter than 64% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity17 Limited adoption so far Community11 Small or concentrated contributor base Maturity62 Established project with proven stability Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~157 days Recently: every ~166 days Total 6 Last Release 2306d ago Major Versions 0.4 → 1.02019-12-09 ### Community Maintainers ![](https://www.gravatar.com/avatar/c276f443673da81d365a16828d46818ea4e3136f7ce05491abcc70f43c82fa4c?d=identicon)[jrfnl](/maintainers/jrfnl) --- Top Contributors [![jrfnl](https://avatars.githubusercontent.com/u/663378?v=4)](https://github.com/jrfnl "jrfnl (49 commits)") --- Tags standardsphpcswordpress ### Embed Badge ![Health badge](/badges/jrfnl-qawpprojects/health.svg) ``` [![Health](https://phpackages.com/badges/jrfnl-qawpprojects/health.svg)](https://phpackages.com/packages/jrfnl-qawpprojects) ``` ### Alternatives [wp-coding-standards/wpcs PHP\_CodeSniffer rules (sniffs) to enforce WordPress coding conventions 2.7k42.5M1.6k](/packages/wp-coding-standards-wpcs)[slevomat/coding-standard Slevomat Coding Standard for PHP\_CodeSniffer complements Consistence Coding Standard by providing sniffs with additional checks. 1.5k123.5M1.8k](/packages/slevomat-coding-standard)[phpcompatibility/phpcompatibility-wp A ruleset for PHP\_CodeSniffer to check for PHP cross-version compatibility issues in projects, while accounting for polyfills provided by WordPress. 21830.6M587](/packages/phpcompatibility-phpcompatibility-wp)[yoast/yoastcs PHP\_CodeSniffer rules for Yoast projects 221.1M29](/packages/yoast-yoastcs)[wptrt/wpthemereview PHP\_CodeSniffer rules (sniffs) to verify theme compliance with the rules for theme hosting on wordpress.org 217736.5k29](/packages/wptrt-wpthemereview)[wp-cli/wp-cli-tests WP-CLI testing framework 422.7M87](/packages/wp-cli-wp-cli-tests) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)