Add Plugin Check workflow #10
plugin-check.yml
on: pull_request
Build and check plugin
12m 16s
Annotations
10 errors and 10 warnings
WordPress.Security.EscapeOutput.OutputNotEscaped:
src/deprecated/frontend/frontend.php#L69
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$method'.
|
WordPress.Security.EscapeOutput.OutputNotEscaped:
src/deprecated/frontend/frontend.php#L126
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$presenter'.
|
WordPress.Security.EscapeOutput.OutputNotEscaped:
src/deprecated/frontend/frontend.php#L152
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$presenter'.
|
WordPress.Security.EscapeOutput.OutputNotEscaped:
src/deprecated/frontend/frontend.php#L236
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$rel_prev_presenter'.
|
WordPress.Security.EscapeOutput.OutputNotEscaped:
src/deprecated/frontend/frontend.php#L242
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$rel_next_presenter'.
|
WordPress.Security.EscapeOutput.OutputNotEscaped:
src/deprecated/frontend/breadcrumbs.php#L86
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$output'.
|
WordPress.Security.EscapeOutput.ExceptionNotEscaped:
src/config/wincher-pkce-provider.php#L147
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$pkce_method'.
|
WordPress.Security.EscapeOutput.ExceptionNotEscaped:
src/config/oauth-client.php#L103
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$exception'.
|
WordPress.Security.EscapeOutput.ExceptionNotEscaped:
src/config/oauth-client.php#L303
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$exception'.
|
WordPress.Security.EscapeOutput.ExceptionNotEscaped:
src/initializers/migration-runner.php#L168
All output should be run through an escaping function (see the Security sections in the WordPress Developer Handbooks), found '$migration_class'.
|
WordPress.DB.PreparedSQL.InterpolatedNotPrepared:
lib/migrations/adapter.php#L263
Use placeholders and $wpdb->prepare(); found interpolated variable $table at "SELECT * FROM $table LIMIT 1"
|
WordPress.DB.PreparedSQL.InterpolatedNotPrepared:
admin/class-bulk-editor-list-table.php#L281
Use placeholders and $wpdb->prepare(); found interpolated variable {$subquery} at "SELECT COUNT(ID) FROM {$subquery}\n
|
WordPress.DB.PreparedSQL.InterpolatedNotPrepared:
admin/class-bulk-editor-list-table.php#L308
Use placeholders and $wpdb->prepare(); found interpolated variable {$subquery} at \t\t\t\t\t\t\t\tSELECT COUNT(ID) FROM {$subquery}\n
|
WordPress.DB.PreparedSQL.InterpolatedNotPrepared:
admin/class-bulk-editor-list-table.php#L330
Use placeholders and $wpdb->prepare(); found interpolated variable {$subquery} at "SELECT COUNT(ID) FROM {$subquery}\n
|
WordPress.DB.PreparedSQL.InterpolatedNotPrepared:
admin/class-bulk-editor-list-table.php#L383
Use placeholders and $wpdb->prepare(); found interpolated variable {$subquery} at "SELECT DISTINCT post_type FROM {$subquery}\n
|
WordPress.DB.PreparedSQL.InterpolatedNotPrepared:
admin/class-bulk-editor-list-table.php#L542
Use placeholders and $wpdb->prepare(); found interpolated variable {$subquery} at "SELECT COUNT(ID) FROM {$subquery}\n
|
WordPress.DB.PreparedSQL.InterpolatedNotPrepared:
admin/class-bulk-editor-list-table.php#L543
Use placeholders and $wpdb->prepare(); found interpolated variable {$all_states} at \t\t\t\tWHERE post_status IN ({$all_states})\n
|
WordPress.DB.PreparedSQL.InterpolatedNotPrepared:
admin/class-bulk-editor-list-table.php#L544
Use placeholders and $wpdb->prepare(); found interpolated variable {$post_type_clause} at \t\t\t\t\t{$post_type_clause}\n
|
update_modification_detected:
inc/class-addon-manager.php#L1
Detected code which may be altering WordPress update routines. Detected: pre_set_site_transient_update_plugins
|
update_modification_detected:
inc/class-addon-manager.php#L1
Detected code which may be altering WordPress update routines. Detected: _site_transient_update_plugins
|