Fränk Klein
Fränk Klein
The `WP_Post` class offers access to various properties through magic getters: - `$page_template` - `$ancestors` - `$post_category` - `$tag_input` In addition, post meta can be retrieved by using `$post->meta_key`. We...
The according to the documentation, the `filter_sideload_move_temp_file_to_s3()` method of `S3_Uploads` exists to work around [Core bug #29257](https://core.trac.wordpress.org/ticket/29257). This issue is marked as fixed for 4.4, so we should review whether...
Currently different checks and analyzers deal with directories and files in similar ways. Examples are extracting file endings, file paths, file contents, etc. There is a lot of code duplication...
According to the [Core Accessibility Group](https://make.wordpress.org/accessibility/2015/02/09/hiding-text-for-screen-readers-with-wordpress-core/), only the `:focus` styles are needed.
Currently every check class contains a `check()` method, that executes all the different checks. Having a large method that often looks for very different issues makes checks different to read...
Currently, the TitleCheck still accepts the old way of hardcoding `` tags with a call to `wp_title()` in the `header.php` file of the theme. We should adapt this check, so...
After the recent patches concerning the [potential vulnerabilities](https://make.wordpress.org/plugins/2015/04/20/fixing-add_query_arg-and-remove_query_arg-usage/) related to the `add_query_arg()` and `remove_query_arg()` functions, we should have a specific check for lack of sanitization or escaping.
Google recommends [loading fonts via HTTPS](https://developers.google.com/speed/libraries/?csw=1#libraries): > We recommend that you load libraries from the CDN via HTTPS, even if your own website only uses HTTP. Nowadays, performance is fast,...
We should flag usage of usage of `query_posts()` and `wp_reset_query()` for VIP and Premium themes. `query_posts()` is already flagged by the current premium review type, so it would be best...
Certain VIP approved plugins and libraries are deprecated and should not be used in new projects. The scanner should detect automatically whenever such deprecated code is integrated into a theme.