WordPress

WordPress Performance Team Proposes Developing a New Plugin Checker Tool – WP Tavern

Summary

WordPress’ Performance team is kickstarting a proposal for developing a plugin checker tool similar to the theme check plugin, which ensures themes are meeting the latest standards and best practices.

In 2021, WordPress’ Meta team built a code scanner that detects potential security risks, such as unescaped SQL queries in plugin code, with the goal of reducing the Plugin Team’s load through automation. That particular tool wasn’t developed to encourage best practices but …….

WordPress’ Efficiency group is kickstarting a proposal for creating a plugin look ater system Simply like the theme look at plugin, which ensures themes are meeting The latest requirements and biggest practices.

In 2021, WordPress’ Meta group constructed a code scanner that detects potential safety risks, Similar to unescaped SQL queries in plugin code, with the objective of reducing the Plugin Team’s load by way of automation. That particular system wasn’t developed to encourage biggest practices however pretty To Guarantee plugins Getting into the listing meet the naked minimal requirements needed for safety.

The Efficiency group is proposing constructing A particular Sort of plugin Which might flag any violations of the plugin enchancment requirements and advocate biggest practices with errors or warnings.

“It ought to cowl numerous elements of plugin enchancment, from primary requirements like right utilization of internationalization features to accessibility, performance, and safety biggest practices,” Google-sponsored contrihoweveror Felix Arntz said. He recognized three primary goals for the plugin:

  • Current plugin builders with suggestions on requirements and biggest practices all by way of enchancment.
  • Current the wordpress.org plugin consider group with An further automated system to decide sure factors or weaknesses in a plugin forward of a guide consider.
  • Current technical website house personalers with a system To evaluate plugins based mostly on these requirements and biggest practices.

The Efficiency group advocates the plugin furtherly work from the command line (using WP-CLI) and that it Transcend static code evaluation To incorporate runtime look ats that execute code.

The proposal has acquired mixed suggestions So far. A quantity of individuals Inside the dialogue welcome enchancment on such a system and Can be Eager to place it to use with Their very personal plugins. Others are apprehensive Regarding the look ats turning into too heavy-handed and negatively impacting the plugin ecosystem.

“Having a plugin to automate these look ats sounds good,” WordPress developer Michael Nelson said. “I fear although that finally This will imply WP plugin author devs May want to undertake WP’s code type too, Which might be pretty annoying.”

WordPress developer Josh Pollock commented that he shares these considerations and is apprehensive about how these requirements Could Even be utilized in the direction of plugins that Weren’t created to assist PHP5, use composer for dependency administration and automation, and share PHP code with completely different frameworks.

“If this HELPS plugin builders, then nice, however Whether or not It is used as a weapon to insist on requirements, then I assume It Goes to be a nail in WP’s coffin,” plugin developer Robin W said.

“Do You’d like to Want to insist on stuff That might not safety essential, then The present documentation Is method from useful to rookies.

“Now if the system rewrote the code To plain, so the dev acquired a ‘That is typically A gooder mannequin’ then I might be …….

Source: https://wptavern.com/wordpress-performance-team-proposes-developing-a-new-plugin-checker-tool