Merge branch 'trunk' into cli-exclude-files-windows

includes/Checker/Checks/Plugin_Repo/File_Type_Check.php

@@ -29,7 +29,8 @@ class File_Type_Check extends Abstract_File_Check {
 	const TYPE_VCS         = 4;
 	const TYPE_HIDDEN      = 8;
 	const TYPE_APPLICATION = 16;
-	const TYPE_ALL         = 31; // Same as all of the above with bitwise OR.
+	const TYPE_BADLY_NAMED = 32;
+	const TYPE_ALL         = 63; // Same as all of the above with bitwise OR.
 
 	/**
 	 * Bitwise flags to control check behavior.
@@ -90,6 +91,10 @@ protected function check_files( Check_Result $result, array $files ) {
 		if ( $this->flags & self::TYPE_APPLICATION ) {
 			$this->look_for_application_files( $result, $files );
 		}
+		if ( $this->flags & self::TYPE_BADLY_NAMED ) {
+			// Check for badly named files.
+			$this->look_for_badly_named_files( $result, $files );
+		}
 	}
 
 	/**
@@ -244,6 +249,42 @@ protected function look_for_application_files( Check_Result $result, array $file
 		}
 	}
 
+	/**
+	 * Looks for application files and amends the given result with an error if found.
+	 *
+	 * @since 1.2.0
+	 *
+	 * @param Check_Result $result The check result to amend, including the plugin context to check.
+	 * @param array        $files  List of absolute file paths.
+	 */
+	protected function look_for_badly_named_files( Check_Result $result, array $files ) {
+		$conflict_chars = '!@#$%^&*()+=[]{};:"\'<>,?/\\|`~';
+
+		foreach ( $files as $file ) {
+			$badly_name = false;
+			if ( preg_match( '/\s/', $file ) ) {
+				$badly_name = true;
+			}
+
+			if ( preg_match( '/[' . preg_quote( $conflict_chars, '/' ) . ']/', basename( $file ) ) ) {
+				$badly_name = true;
+			}
+
+			if ( $badly_name ) {
+				$this->add_result_error_for_file(
+					$result,
+					__( 'Badly named files are not permitted.', 'plugin-check' ),
+					'badly_named_files',
+					$file,
+					0,
+					0,
+					'',
+					8
+				);
+			}
+		}
+	}
+
 	/**
 	 * Gets the description for the check.
 	 *
@@ -254,7 +295,7 @@ protected function look_for_application_files( Check_Result $result, array $file
 	 * @return string Description.
 	 */
 	public function get_description(): string {
-		return __( 'Detects the usage of hidden and compressed files, VCS directories, and application files.', 'plugin-check' );
+		return __( 'Detects the usage of hidden and compressed files, VCS directories, application files and badly named files.', 'plugin-check' );
 	}
 
 	/**

plugin.php

@@ -5,7 +5,7 @@
  * Description: Plugin Check is a WordPress.org tool which provides checks to help plugins meet the directory requirements and follow various best practices.
  * Requires at least: 6.3
  * Requires PHP: 7.2.24
- * Version: 1.1.0
+ * Version: 1.2.0
  * Author: WordPress Performance Team and Plugin Review Team
  * License: GPLv2 or later
  * License URI: https://www.gnu.org/licenses/old-licenses/gpl-2.0.html
@@ -16,7 +16,7 @@
 
 use WordPress\Plugin_Check\Plugin_Main;
 
-define( 'WP_PLUGIN_CHECK_VERSION', '1.1.0' );
+define( 'WP_PLUGIN_CHECK_VERSION', '1.2.0' );
 define( 'WP_PLUGIN_CHECK_MINIMUM_PHP', '7.2.24' );
 define( 'WP_PLUGIN_CHECK_MAIN_FILE', __FILE__ );
 define( 'WP_PLUGIN_CHECK_PLUGIN_DIR_PATH', plugin_dir_path( WP_PLUGIN_CHECK_MAIN_FILE ) );

readme.txt

@@ -2,7 +2,7 @@
 
 Contributors:      wordpressdotorg
 Tested up to:      6.6
-Stable tag:        1.1.0
+Stable tag:        1.2.0
 License:           GPLv2 or later
 License URI:       https://www.gnu.org/licenses/gpl-2.0.html
 Tags:              plugin best practices, testing, accessibility, performance, security
@@ -68,6 +68,29 @@ In any case, passing the checks in this tool likely helps to achieve a smooth pl
 
 == Changelog ==
 
+= 1.2.0 =
+
+* Enhancement - Added a check for badly used names in files.
+* Enhancement - Increased severity for `BacktickOperator`, `DisallowShortOpenTag`, `DisallowAlternativePHPTags`, `RestrictedClasses`, and `RestrictedFunctions`.
+* Enhancement - Added security checks to the Plugin repository category.
+* Enhancement - Allowed `runtime-set` in code sniffer checks.
+* Enhancement - Changed warnings to errors in plugin header checks.
+* Enhancement - Detect forbidden plugin headers such as repository URIs in the Directory.
+* Enhancement - Added a new check for development functions that are not allowed in final plugins.
+* Enhancement - Created new images and icons for the plugin.
+* Enhancement - Introduced a slug argument in the CLI.
+* Enhancement - Added a check for discouraged PHP functions.
+* Enhancement - Added validation for Contributors in the readme file.
+* Enhancement - Added a warning for mismatched plugin names in the plugin header and readme file.
+* Enhancement - Checked for validation of Plugin Header fields: Name, Plugin URI, Description, Author URI, Requires at least, Requires PHP, and Requires Plugins.
+* Enhancement - Added a warning if the "Tested up to" value in the readme file exceeds the released version of WordPress.
+* Fix - Display a success message if no errors or warnings are found.
+* Fix - Made table results responsive.
+* Fix - Prevent proceeding to the next check if the Stable Tag value is set to `trunk`.
+* Fix - Allow runtime initialization even when only add-on checks are requested.
+* Fix - Fixed an SPDX warning for the `GPL version 3` license.
+* Fix - Prevent runtime checks in the CLI context when they cannot be used.
+
 = 1.1.0 =
 
 * Feature - New `Non_Blocking_Scripts_Check` (`non_blocking_scripts`) runtime check to warn about enqueued scripts that use neither `defer` nor `async`.

tests/phpunit/testdata/plugins/test-plugin-file-type-badly-named-files-errors/badly directory/file.php

@@ -0,0 +1,2 @@
+<?php
+// File in a directory with a badly named file.

tests/phpunit/testdata/plugins/test-plugin-file-type-badly-named-files-errors/badly|file%name!@#$%^&*()+=[]{};:"'<>,?|`~.php

@@ -0,0 +1,3 @@
+<?php
+
+// This file has a badly named file.

tests/phpunit/testdata/plugins/test-plugin-file-type-badly-named-files-errors/load.php

@@ -0,0 +1,17 @@
+<?php
+/**
+ * Plugin Name: Test Plugin File Type Badly Named Files Errors
+ * Plugin URI: https://github.com/wordpress/plugin-check
+ * Description: Some plugin description.
+ * Author: WordPress Review Team
+ * Author URI: https://make.wordpress.org/performance/
+ * License: GPLv2 or later
+ * License URI: https://www.gnu.org/licenses/old-licenses/gpl-2.0.html
+ * Text Domain: test-plugin-file-type-badly-named-files-errors
+ *
+ * @package test-plugin-file-type-badly-named-files-errors
+ */
+
+/**
+ * Plugin folder contains a file with a badly named file.
+ */

tests/phpunit/testdata/plugins/test-plugin-file-type-badly-named-files-errors/plugin name.php

@@ -0,0 +1,3 @@
+<?php
+
+// This is an error file.

tests/phpunit/tests/Checker/Checks/File_Type_Check_Tests.php

@@ -98,4 +98,33 @@ public function test_run_without_any_file_type_errors() {
 		$this->assertEmpty( $errors );
 		$this->assertSame( 0, $check_result->get_error_count() );
 	}
+
+	public function test_run_with_badly_named_errors() {
+		// Test plugin without any forbidden file types.
+		$check_context = new Check_Context( UNIT_TESTS_PLUGIN_DIR . 'test-plugin-file-type-badly-named-files-errors/load.php' );
+		$check_result  = new Check_Result( $check_context );
+
+		$check = new File_Type_Check( File_Type_Check::TYPE_BADLY_NAMED );
+		$check->run( $check_result );
+
+		$errors = $check_result->get_errors();
+
+		$this->assertNotEmpty( $errors );
+		$this->assertEquals( 3, $check_result->get_error_count() );
+
+		// Check for invalid name error.
+		$this->assertArrayHasKey( 0, $errors['plugin name.php'] );
+		$this->assertArrayHasKey( 0, $errors['plugin name.php'][0] );
+		$this->assertCount( 1, wp_list_filter( $errors['plugin name.php'][0][0], array( 'code' => 'badly_named_files' ) ) );
+
+		// Badly named directory check.
+		$this->assertArrayHasKey( 0, $errors['badly directory/file.php'] );
+		$this->assertArrayHasKey( 0, $errors['badly directory/file.php'][0] );
+		$this->assertCount( 1, wp_list_filter( $errors['badly directory/file.php'][0][0], array( 'code' => 'badly_named_files' ) ) );
+
+		// Badly named file with special chars.
+		$this->assertArrayHasKey( 0, $errors['badly|file%name!@#$%^&*()+=[]{};:"\'<>,?|`~.php'] );
+		$this->assertArrayHasKey( 0, $errors['badly|file%name!@#$%^&*()+=[]{};:"\'<>,?|`~.php'][0] );
+		$this->assertCount( 1, wp_list_filter( $errors['badly|file%name!@#$%^&*()+=[]{};:"\'<>,?|`~.php'][0][0], array( 'code' => 'badly_named_files' ) ) );
+	}
 }