{"id":40288042,"url":"https://github.com/shalior/wordpress-phpcs-action","last_synced_at":"2026-01-20T04:35:04.208Z","repository":{"id":38396969,"uuid":"499640023","full_name":"shalior/wordpress-phpcs-action","owner":"shalior","description":"A github action to run PHPCS and PHPCBF","archived":false,"fork":false,"pushed_at":"2024-11-29T13:19:32.000Z","size":11,"stargazers_count":11,"open_issues_count":1,"forks_count":6,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-10-26T21:48:01.622Z","etag":null,"topics":["code-quality","codesniffer","php"],"latest_commit_sha":null,"homepage":"","language":"Dockerfile","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/shalior.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-06-03T20:16:45.000Z","updated_at":"2025-08-27T12:31:03.000Z","dependencies_parsed_at":"2023-01-11T17:21:31.354Z","dependency_job_id":null,"html_url":"https://github.com/shalior/wordpress-phpcs-action","commit_stats":{"total_commits":8,"total_committers":2,"mean_commits":4.0,"dds":0.125,"last_synced_commit":"73da4afb60b61a9c0301eaee2cbba8156abc08ad"},"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"purl":"pkg:github/shalior/wordpress-phpcs-action","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shalior%2Fwordpress-phpcs-action","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shalior%2Fwordpress-phpcs-action/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shalior%2Fwordpress-phpcs-action/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shalior%2Fwordpress-phpcs-action/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/shalior","download_url":"https://codeload.github.com/shalior/wordpress-phpcs-action/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/shalior%2Fwordpress-phpcs-action/sbom","scorecard":{"id":815413,"data":{"date":"2025-08-11","repo":{"name":"github.com/shalior/wordpress-phpcs-action","commit":"0ded502211b994a89cfedd0213d3011f3d35f502"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3.4,"checks":[{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Code-Review","score":0,"reason":"Found 1/12 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Token-Permissions","score":0,"reason":"detected GitHub workflow tokens with excessive permissions","details":["Warn: no topLevel permission defined: .github/workflows/dockerimage.yml:1","Warn: no topLevel permission defined: .github/workflows/release.yml:1","Info: no jobLevel write permissions found"],"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Dangerous-Workflow","score":10,"reason":"no dangerous workflow patterns detected","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/dockerimage.yml:11: update your workflow using https://app.stepsecurity.io/secureworkflow/shalior/wordpress-phpcs-action/dockerimage.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:17: update your workflow using https://app.stepsecurity.io/secureworkflow/shalior/wordpress-phpcs-action/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:23: update your workflow using https://app.stepsecurity.io/secureworkflow/shalior/wordpress-phpcs-action/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:27: update your workflow using https://app.stepsecurity.io/secureworkflow/shalior/wordpress-phpcs-action/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:34: update your workflow using https://app.stepsecurity.io/secureworkflow/shalior/wordpress-phpcs-action/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:41: update your workflow using https://app.stepsecurity.io/secureworkflow/shalior/wordpress-phpcs-action/release.yml/master?enable=pin","Warn: GitHub-owned GitHubAction not pinned by hash: .github/workflows/release.yml:57: update your workflow using https://app.stepsecurity.io/secureworkflow/shalior/wordpress-phpcs-action/release.yml/master?enable=pin","Warn: third-party GitHubAction not pinned by hash: .github/workflows/release.yml:59: update your workflow using https://app.stepsecurity.io/secureworkflow/shalior/wordpress-phpcs-action/release.yml/master?enable=pin","Warn: containerImage not pinned by hash: Dockerfile:1: pin your Docker image by updating php:7.4-alpine to php:7.4-alpine@sha256:0d67d81f60f4a400f1b68e3a41e910c98c5e08f49e515f6855561a0f24d37852","Info:   0 out of   4 GitHub-owned GitHubAction dependencies pinned","Info:   0 out of   4 third-party GitHubAction dependencies pinned","Info:   0 out of   1 containerImage dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 2 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-23T14:10:46.297Z","repository_id":38396969,"created_at":"2025-08-23T14:10:46.297Z","updated_at":"2025-08-23T14:10:46.297Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28596079,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-20T02:08:49.799Z","status":"ssl_error","status_checked_at":"2026-01-20T02:08:44.148Z","response_time":117,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["code-quality","codesniffer","php"],"created_at":"2026-01-20T04:35:04.154Z","updated_at":"2026-01-20T04:35:04.203Z","avatar_url":"https://github.com/shalior.png","language":"Dockerfile","funding_links":[],"categories":[],"sub_categories":[],"readme":"## PHP Code Sniffer GitHub action\n### Run and fix errors\n\n[![release](https://github.com/shalior/wordpress-phpcs-action/workflows/release/badge.svg)](https://github.com/shalior/action-phpcs-wordpress/actions?query=workflow%3Arelease)\n[![GitHub release (latest SemVer)](https://img.shields.io/github/v/release/shalior/wordpress-phpcs-action?logo=github\u0026sort=semver)](https://github.com/shalior/action-phpcs-wordpress/releases)\n\n- **Works on every PHP code base**, including **WordPress**(all rules are bundled).\n- Supports configuration files (`phpcs.xml`, `phpcs.xml.dist`, ...).\n- Fixes all fixable errors.\n\nThis action runs PHPCS and fix errors using PHPCBF. If the errors are not fixable the job will fail, if they are phpcbf will fix them.\nThe WordPress rulesets are bundled and made available to `phpcs`. The action supports using PHPCS configuration files if there is a `phpcs.xml` or other supported file names.\n\n## Input\n\n```yaml\ninputs:\n  github_token:\n    description: 'GITHUB_TOKEN'\n    default: '${{ github.token }}'\n  workdir:\n    description: 'Working directory relative to the root directory.'\n    default: '.'\n  ### Flags for phpcs-wordpress ###\n  phpcs_args:\n    description: 'Additional PHPCS flags'\n    default: '.'\n  phpcbf_args:\n    description: 'Additional PHPCBF flags'\n    default: '.'\n  phpcs_standard:\n    description: 'Coding standard for PHPCS to use when checking files'\n    default: 'WordPress'\n  use_default_configuration_file:\n    description: 'Whether to use default configuration file(phpcs.xml) or not'\n    default: 'true'\n```\n\n## Usage\n\n```yaml\nname: WPCS checker\non: push\njobs:\n  linter_name:\n    name: runner / phpcs\n    runs-on: ubuntu-latest\n    steps:\n      - uses: actions/checkout@v2\n      - uses: shalior/wordpress-phpcs-action@master\n        with:\n          github_token: ${{ secrets.github_token }}\n          use_default_configuration_file: true\n          phpcs_args: '-n' # ignore warnings\n      - uses: stefanzweifel/git-auto-commit-action@v4 # auto commit the fixes action for GitHub\n        with:\n          commit_message: Fix PHPCS errors\n```\n\n### PHPCS Coding Standards\n\nThe following sniffs are currently available. You can configure the standard(s) used by using the `phpcs_standard` input setting. By default, `WordPress` is used.\n\n- MySource\n- PEAR\n- PHPCompatibility: `9.3.5`\n- PHPCompatibilityWP: `2.1.5`\n- PSR1\n- PSR12\n- PSR2\n- Squiz\n- WordPress: `3.1.0` \n- WordPress-Core: `3.1.0` \n- Wordpress-Docs: `3.1.0` \n- WordPress-Extra: `3.1.0` \n- WordPress-VIP-Go: `3.0.1`\n- WordPressVIPMinimum: `3.0.1`\n- Zend\n- (Soon) WooCommerce\n\n\nThis action is based on [action-phpcs-wordpress](https://github.com/oohnoitz/action-phpcs-wordpress).","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fshalior%2Fwordpress-phpcs-action","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fshalior%2Fwordpress-phpcs-action","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fshalior%2Fwordpress-phpcs-action/lists"}