WordPress.org

Making WordPress.org

Changeset 7874


Ignore:
Timestamp:
11/20/2018 05:36:35 AM (11 months ago)
Author:
dd32
Message:

Plugin Directory: Readme: Validate the Tested up to and Requires at least fields contain a WordPress version value.

This commit will strip Tested up to/Requires at least values which are invalid versions, or higher than trunk/master - For example, currently that's 5.0, a value of '6.0' will be ignored, and 'Tested up to: PHP 5.2.4' will be also be ignored.

Fixes #3936

Location:
sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/readme
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/readme/class-parser.php

    r7697 r7874  
    238238        }
    239239        if ( ! empty( $headers['requires'] ) ) {
    240             $this->requires = $headers['requires'];
     240            $this->requires = $this->sanitize_requires_version( $headers['requires'] );
    241241        }
    242242        if ( ! empty( $headers['tested'] ) ) {
    243             $this->tested = $headers['tested'];
     243            $this->tested = $this->sanitize_tested_version( $headers['tested'] );
    244244        }
    245245        if ( ! empty( $headers['requires_php'] ) ) {
     
    581581        // x.y or x.y.z
    582582        if ( $version && ! preg_match( '!^\d+(\.\d+){1,2}$!', $version ) ) {
    583             $this->warnings['requires_php_ignored'] = true;
     583            $this->warnings['requires_php_header_ignored'] = true;
    584584            // Ignore the readme value.
    585585            $version = '';
     586        }
     587
     588        return $version;
     589    }
     590
     591    /**
     592     * Sanitizes the Tested header to ensure that it's a valid version header.
     593     *
     594     * @param string $version
     595     * @return string The sanitized $version
     596     */
     597    protected function sanitize_tested_version( $version ) {
     598        $version = trim( $version );
     599
     600        if ( $version ) {
     601
     602            // Handle the edge-case of 'WordPress 5.0' and 'WP 5.0' for historical purposes.
     603            $strip_phrases = [
     604                'WordPress',
     605                'WP',
     606            ];
     607            $version = trim( str_ireplace( $strip_phrases, '', $version ) );
     608
     609            // Strip off any -alpha, -RC, -beta suffixes, as these complicate comparisons and are rarely used.
     610            list( $version, ) = explode( '-', $version );
     611
     612            if (
     613                // x.y or x.y.z
     614                ! preg_match( '!^\d+\.\d(\.\d+)?$!', $version ) ||
     615                // Allow plugins to mark themselves as compatible with Stable+0.1 (trunk/master) but not higher
     616                defined( 'WP_CORE_STABLE_BRANCH' ) && ( (float)$version > (float)WP_CORE_STABLE_BRANCH+0.1 )
     617             ) {
     618                $this->warnings['tested_header_ignored'] = true;
     619                // Ignore the readme value.
     620                $version = '';
     621            }
     622        }
     623
     624        return $version;
     625    }
     626
     627    /**
     628     * Sanitizes the Requires at least header to ensure that it's a valid version header.
     629     *
     630     * @param string $version
     631     * @return string The sanitized $version
     632     */
     633    protected function sanitize_requires_version( $version ) {
     634        $version = trim( $version );
     635
     636        if ( $version ) {
     637
     638            // Handle the edge-case of 'WordPress 5.0' and 'WP 5.0' for historical purposes.
     639            $strip_phrases = [
     640                'WordPress',
     641                'WP',
     642                'or higher',
     643                'and above',
     644                '+',
     645            ];
     646            $version = trim( str_ireplace( $strip_phrases, '', $version ) );
     647
     648            // Strip off any -alpha, -RC, -beta suffixes, as these complicate comparisons and are rarely used.
     649            list( $version, ) = explode( '-', $version );
     650
     651            if (
     652                // x.y or x.y.z
     653                ! preg_match( '!^\d+\.\d(\.\d+)?$!', $version ) ||
     654                // Allow plugins to mark themselves as requireing Stable+0.1 (trunk/master) but not higher
     655                defined( 'WP_CORE_STABLE_BRANCH' ) && ( (float)$version > (float)WP_CORE_STABLE_BRANCH+0.1 )
     656             ) {
     657                $this->warnings['requires_header_ignored'] = true;
     658                // Ignore the readme value.
     659                $version = '';
     660            }
    586661        }
    587662
  • sites/trunk/wordpress.org/public_html/wp-content/plugins/plugin-directory/readme/class-validator.php

    r7356 r7874  
    6969
    7070        // Warnings.
    71         if ( empty( $readme->requires ) ) {
     71        if ( isset( $readme->warnings['requires_header_ignored'] ) ) {
     72            $latest_wordpress_version = defined( 'WP_CORE_STABLE_BRANCH' ) ? WP_CORE_STABLE_BRANCH : '5.0';
     73
     74            /* translators: 1: plugin header tag; 2: Example version 5.0. 3: Example version 4.9. */
     75            $warnings[] = sprintf(
     76                __( 'The Requires at least field was ignored. %1$s field should only contain a valid WordPress version such as %2$s or %3$s.', 'wporg-plugins' ),
     77                '<code>Requires at least</code>',
     78                '<code>' . number_format( $latest_wordpress_version, 1 ) . '</code>',
     79                '<code>' . number_format( $latest_wordpress_version - 0.1, 1 ) . '</code>'
     80            );
     81        } elseif ( empty( $readme->requires ) ) {
    7282            /* translators: %s: plugin header tag */
    7383            $warnings[] = sprintf( __( '%s field is missing.', 'wporg-plugins' ), '<code>Requires at least</code>' );
    7484        }
    75         if ( empty( $readme->tested ) ) {
     85
     86        if ( isset( $readme->warnings['tested_header_ignored'] ) ) {
     87            $latest_wordpress_version = defined( 'WP_CORE_STABLE_BRANCH' ) ? WP_CORE_STABLE_BRANCH : '5.0';
     88
     89            /* translators: 1: plugin header tag; 2: Example version 5.0. 3: Example version 5.1. */
     90            $warnings[] = sprintf(
     91                __( 'The Tested up to field was ignored. %1$s field should only contain a valid WordPress version such as %2$s or %3$s.', 'wporg-plugins' ),
     92                '<code>Tested up to</code>',
     93                '<code>' . number_format( $latest_wordpress_version, 1 ) . '</code>',
     94                '<code>' . number_format( $latest_wordpress_version + 0.1, 1 ) . '</code>'
     95            );
     96        } elseif ( empty( $readme->tested ) ) {
    7697            /* translators: %s: plugin header tag */
    7798            $warnings[] = sprintf( __( '%s field is missing.', 'wporg-plugins' ), '<code>Tested up to</code>' );
    7899        }
    79         if ( isset( $readme->warnings['requires_php_ignored'] ) ) {
     100
     101        if ( isset( $readme->warnings['requires_php_header_ignored'] ) ) {
    80102            /* translators: 1: plugin header tag; 2: Example version 5.2.4. 3: Example version 7.0. */
    81103            $warnings[] = sprintf( __( 'The Requires PHP field was ignored. %1$s field should only contain a PHP version such as %2$s or %3$s.', 'wporg-plugins' ), '<code>Requires PHP</code>', '<code>5.2.4</code>', '<code>7.0</code>' );
     
    88110            $warnings[] = sprintf( __( '%1$s field is missing.  Hint: If you treat %2$s as stable, put %3$s.', 'wporg-plugins' ), '<code>Stable tag</code>', '<code>/trunk/</code>', '<code>Stable tag: trunk</code>' );
    89111        }
    90         if ( ! count( $readme->contributors ) ) {
    91             /* translators: %s: plugin header tag */
    92             $warnings[] = sprintf( __( '%s field is missing.', 'wporg-plugins' ), '<code>Contributors</code>' );
    93         }
     112
    94113        if ( isset( $readme->warnings['contributor_ignored'] ) ) {
    95114            /* translators: %s: plugin header tag */
    96115            $warnings[] = sprintf( __( 'One or more contributors listed were ignored. %s field should only contain WordPress.org usernames.', 'wporg-plugins' ), '<code>Contributors</code>' );
     116        } elseif ( ! count( $readme->contributors ) ) {
     117            /* translators: %s: plugin header tag */
     118            $warnings[] = sprintf( __( '%s field is missing.', 'wporg-plugins' ), '<code>Contributors</code>' );
    97119        }
    98120
Note: See TracChangeset for help on using the changeset viewer.