From bdaecbd06eb3ac3127ff8c822d92e54a655860ac Mon Sep 17 00:00:00 2001 From: Joe Fusco Date: Wed, 26 Nov 2025 14:16:55 -0500 Subject: [PATCH 1/7] Create plugin-check.yml --- .github/workflows/plugin-check.yml | 78 ++++++++++++++++++++++++++++++ 1 file changed, 78 insertions(+) create mode 100644 .github/workflows/plugin-check.yml diff --git a/.github/workflows/plugin-check.yml b/.github/workflows/plugin-check.yml new file mode 100644 index 00000000..e878e32c --- /dev/null +++ b/.github/workflows/plugin-check.yml @@ -0,0 +1,78 @@ +# This does the following: +# 1. Detects modified plugins in the plugins/ directory +# 2. Runs WordPress Plugin Check using the official action +# 3. Creates a matrix job for each changed plugin +# 4. Results appear as file annotations directly in PRs +# Bonus: This means you can have plugin specific badges e.g. +# [![Plugin Check](https://img.shields.io/github/check-runs/wpengine/hwptoolkit/main?checkName=hwp-previews%20Plugin%20Check&label=Plugin%20Check)](https://github.com/wpengine/hwptoolkit/actions) + +name: WordPress Plugin Check + +on: + push: + branches: + - main + paths: + - 'plugins/*/**.php' + pull_request: + branches: + - main + paths: + - 'plugins/*/**.php' + +jobs: + detect-plugins: + runs-on: ubuntu-latest + name: Detect plugins for Plugin Check + outputs: + plugins: ${{ steps.detect.outputs.plugins }} + has-plugins: ${{ steps.detect.outputs.has-plugins }} + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Get changed plugin directories + id: plugin + run: | + if [ "${{ github.event_name }}" = "push" ]; then + bash .github/scripts/get_plugin_slug.sh main + else + bash .github/scripts/get_plugin_slug.sh \ + ${{ github.event.pull_request.base.sha }} \ + ${{ github.event.pull_request.head.sha }} + fi + + - name: Detect plugins + id: detect + run: | + if [ -z "${{ steps.plugin.outputs.plugins }}" ] || [ "${{ steps.plugin.outputs.plugins }}" = "[]" ]; then + echo "No plugins detected" + echo "plugins=[]" >> $GITHUB_OUTPUT + echo "has-plugins=false" >> $GITHUB_OUTPUT + exit 0 + fi + echo "plugins=${{ steps.plugin.outputs.plugins }}" >> $GITHUB_OUTPUT + echo "has-plugins=${{ steps.plugin.outputs.has-plugins }}" >> $GITHUB_OUTPUT + + plugin-check: + needs: detect-plugins + if: needs.detect-plugins.outputs.has-plugins == 'true' + runs-on: ubuntu-latest + strategy: + matrix: + plugin: ${{ fromJson(needs.detect-plugins.outputs.plugins) }} + fail-fast: false + name: ${{ matrix.plugin }} Plugin Check + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Run Plugin Check + uses: wordpress/plugin-check-action@v1 + with: + build-dir: plugins/${{ matrix.plugin }} + exclude-directories: | + .git + vendor + node_modules + tests From 250cd902a4483a19a1afeeb0c38a83b64d322190 Mon Sep 17 00:00:00 2001 From: Joe Fusco Date: Wed, 26 Nov 2025 14:21:00 -0500 Subject: [PATCH 2/7] Update plugin-check.yml --- .github/workflows/plugin-check.yml | 20 ++++++++------------ 1 file changed, 8 insertions(+), 12 deletions(-) diff --git a/.github/workflows/plugin-check.yml b/.github/workflows/plugin-check.yml index e878e32c..35c43c20 100644 --- a/.github/workflows/plugin-check.yml +++ b/.github/workflows/plugin-check.yml @@ -1,12 +1,9 @@ -# This does the following: -# 1. Detects modified plugins in the plugins/ directory -# 2. Runs WordPress Plugin Check using the official action -# 3. Creates a matrix job for each changed plugin -# 4. Results appear as file annotations directly in PRs -# Bonus: This means you can have plugin specific badges e.g. -# [![Plugin Check](https://img.shields.io/github/check-runs/wpengine/hwptoolkit/main?checkName=hwp-previews%20Plugin%20Check&label=Plugin%20Check)](https://github.com/wpengine/hwptoolkit/actions) +# Runs WordPress Plugin Check on modified plugins to ensure compliance with +# WordPress.org guidelines and coding standards. +# +# https://wordpress.org/plugins/plugin-check/ -name: WordPress Plugin Check +name: Plugin Check on: push: @@ -23,7 +20,7 @@ on: jobs: detect-plugins: runs-on: ubuntu-latest - name: Detect plugins for Plugin Check + name: Detect modified plugins outputs: plugins: ${{ steps.detect.outputs.plugins }} has-plugins: ${{ steps.detect.outputs.has-plugins }} @@ -42,11 +39,10 @@ jobs: ${{ github.event.pull_request.head.sha }} fi - - name: Detect plugins + - name: Set output id: detect run: | if [ -z "${{ steps.plugin.outputs.plugins }}" ] || [ "${{ steps.plugin.outputs.plugins }}" = "[]" ]; then - echo "No plugins detected" echo "plugins=[]" >> $GITHUB_OUTPUT echo "has-plugins=false" >> $GITHUB_OUTPUT exit 0 @@ -62,7 +58,7 @@ jobs: matrix: plugin: ${{ fromJson(needs.detect-plugins.outputs.plugins) }} fail-fast: false - name: ${{ matrix.plugin }} Plugin Check + name: ${{ matrix.plugin }} steps: - name: Checkout uses: actions/checkout@v4 From 131c24b68a5b02a333c8fb8d4971945eb761e63b Mon Sep 17 00:00:00 2001 From: Joe Fusco Date: Wed, 26 Nov 2025 14:44:56 -0500 Subject: [PATCH 3/7] Update .github/workflows/plugin-check.yml Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- .github/workflows/plugin-check.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/plugin-check.yml b/.github/workflows/plugin-check.yml index 35c43c20..04e26822 100644 --- a/.github/workflows/plugin-check.yml +++ b/.github/workflows/plugin-check.yml @@ -10,12 +10,12 @@ on: branches: - main paths: - - 'plugins/*/**.php' + - 'plugins/**/*.php' pull_request: branches: - main paths: - - 'plugins/*/**.php' + - 'plugins/**/*.php' jobs: detect-plugins: From a5fe6153ce3b31a9c936d90f0559f184e33ae192 Mon Sep 17 00:00:00 2001 From: Joe Fusco Date: Wed, 26 Nov 2025 14:50:15 -0500 Subject: [PATCH 4/7] test plugin check --- plugins/hwp-previews/hwp-previews.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plugins/hwp-previews/hwp-previews.php b/plugins/hwp-previews/hwp-previews.php index 3681328f..8d09ac7b 100644 --- a/plugins/hwp-previews/hwp-previews.php +++ b/plugins/hwp-previews/hwp-previews.php @@ -11,7 +11,7 @@ * Text Domain: hwp-previews * Domain Path: /languages * Requires at least: 6.0 - * Tested up to: 6.8.1 + * Tested up to: 6.7 * Requires PHP: 7.4+ * License: GPLv2 or later * License URI: https://www.gnu.org/licenses/gpl-2.0.html From a7f257edfca6ef850174eff08cd423c5c89893f3 Mon Sep 17 00:00:00 2001 From: Joe Fusco Date: Wed, 26 Nov 2025 14:59:25 -0500 Subject: [PATCH 5/7] test: add intentional violation for Plugin Check --- plugins/hwp-previews/hwp-previews.php | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/plugins/hwp-previews/hwp-previews.php b/plugins/hwp-previews/hwp-previews.php index 8d09ac7b..16768f16 100644 --- a/plugins/hwp-previews/hwp-previews.php +++ b/plugins/hwp-previews/hwp-previews.php @@ -11,7 +11,7 @@ * Text Domain: hwp-previews * Domain Path: /languages * Requires at least: 6.0 - * Tested up to: 6.7 + * Tested up to: 6.8.1 * Requires PHP: 7.4+ * License: GPLv2 or later * License URI: https://www.gnu.org/licenses/gpl-2.0.html @@ -141,3 +141,13 @@ function hwp_previews_load_textdomain(): void { /** @psalm-suppress HookNotFound */ add_action( 'plugins_loaded', 'hwp_previews_init', 15, 0 ); + +/** + * INTENTIONAL VIOLATION FOR TESTING PLUGIN CHECK - REMOVE AFTER TEST + * + * @todo Remove this function after testing Plugin Check workflow. + */ +function hwp_previews_test_violation(): void { + // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- Intentional for testing + echo $_GET['test']; +} From 474e21104dacf8cdf979dcbfc0375ae476d222d1 Mon Sep 17 00:00:00 2001 From: Joe Fusco Date: Wed, 26 Nov 2025 15:41:57 -0500 Subject: [PATCH 6/7] Update hwp-previews.php --- plugins/hwp-previews/hwp-previews.php | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/plugins/hwp-previews/hwp-previews.php b/plugins/hwp-previews/hwp-previews.php index 16768f16..3681328f 100644 --- a/plugins/hwp-previews/hwp-previews.php +++ b/plugins/hwp-previews/hwp-previews.php @@ -141,13 +141,3 @@ function hwp_previews_load_textdomain(): void { /** @psalm-suppress HookNotFound */ add_action( 'plugins_loaded', 'hwp_previews_init', 15, 0 ); - -/** - * INTENTIONAL VIOLATION FOR TESTING PLUGIN CHECK - REMOVE AFTER TEST - * - * @todo Remove this function after testing Plugin Check workflow. - */ -function hwp_previews_test_violation(): void { - // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- Intentional for testing - echo $_GET['test']; -} From d3bbded9fdacf697a2be2d66d0328eb685efdede Mon Sep 17 00:00:00 2001 From: Joe Fusco Date: Fri, 28 Nov 2025 11:34:55 -0500 Subject: [PATCH 7/7] Update plugin-check.yml --- .github/workflows/plugin-check.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/plugin-check.yml b/.github/workflows/plugin-check.yml index 04e26822..f7aa2665 100644 --- a/.github/workflows/plugin-check.yml +++ b/.github/workflows/plugin-check.yml @@ -42,7 +42,8 @@ jobs: - name: Set output id: detect run: | - if [ -z "${{ steps.plugin.outputs.plugins }}" ] || [ "${{ steps.plugin.outputs.plugins }}" = "[]" ]; then + # get_plugin_slug.sh outputs: slug, plugins (JSON array), has-plugins + if [ -z "${{ steps.plugin.outputs.slug }}" ]; then echo "plugins=[]" >> $GITHUB_OUTPUT echo "has-plugins=false" >> $GITHUB_OUTPUT exit 0