Anyone who’s had to do code reviews on a team before can tell you that inconsistent coding standards add a lot of unnecessary noise to the review process. Even minor things like trailing whitespace, spaces vs. tabs, code indentation, and whitespace (or lack thereof) around function declarations can cause merge conflicts and increase the time it takes to do a good code review.
Fortunately, coding standards are pretty easy to check, and there are great tools like PHP_CodeSniffer that can scan your codebase for issues with coding standards. WordPress has a well-defined set of coding standards, and there’s even a collection of PHP_CodeSniffer standards for WordPress. With Composer and a little bit of configuration we can check our coding standards, catch common security issues (missing input sanitization, output escaping, etc.), and even validate that everything’s well-documented.
We have the tools to write standards-compliant code, so now we just have to configure them and make them run automatically. That’s where my latest project comes in: I’m happy to announce WP Enforcer is available for your projects!