Upgrade to WPCS 3.0

composer.json

@@ -5,10 +5,7 @@
         "php": ">=5.6"
     },
     "require-dev": {
-        "phpunit/phpunit": "^9.5.10",
-        "dealerdirect/phpcodesniffer-composer-installer": "^0.7.1",
-        "wp-coding-standards/wpcs": "^2.3",
-        "squizlabs/php_codesniffer": "^3.6",
+        "wp-coding-standards/wpcs": "^3.0",
         "phpcompatibility/phpcompatibility-wp": "^2.1"
     },
     "license": "GPL-3.0",

phpcs.xml

@@ -50,14 +50,9 @@
 
 	<rule ref="WordPress">
 		<!-- As we use PHP 5.4+ now, we can use the short array syntax -->
-		<exclude name="Generic.Arrays.DisallowShortArraySyntax.Found" />
+		<exclude name="Universal.Arrays.DisallowShortArraySyntax.Found" />
 		<!-- Uncomment if you develop a theme with templates for CPTs having a prefix -->
 		<exclude name="WordPress.Files.FileName" />
-		<!-- Uncomment for projects using the metabox toolbox -->
-		<!--<exclude name="WordPress.CSRF.NonceVerification.NoNonceVerification" />-->
-		<!-- Uncomment if you want to use some functions that should be replaced with the VIP cached alternatives -->
-		<!--<exclude name="WordPress.VIP.RestrictedFunctions" />-->
-		<!--<exclude name="WordPress.VIP.PostsPerPage" />-->
 	</rule>
 	<rule ref="WordPress.NamingConventions.PrefixAllGlobals">
 		<properties>

src/lib/ProvenExpertEmbeds/AbstractProvenExpertEmbed.php

@@ -46,11 +46,9 @@ public function filter_request_args( $args ) {
 			// Remove the arg, if it's not within the settings of this specific embed.
 			if ( ! array_key_exists( $key, $this->settings ) ) {
 				unset( $args[ $key ] );
-			} else {
 				// Check if setting with type "number" are "empty" and remove them, as they otherwise cause issues.
-				if ( 'number' === $this->settings[ $key ]['type'] && ( ! is_numeric( $arg ) || empty( $arg ) ) ) {
-					unset( $args[ $key ] );
-				}
+			} elseif ( 'number' === $this->settings[ $key ]['type'] && ( ! is_numeric( $arg ) || empty( $arg ) ) ) {
+				unset( $args[ $key ] );
 			}
 		}
 

src/lib/Settings/ProvenExpertApiCredentials.php

@@ -132,6 +132,8 @@ public function settings_field( $args ) {
 	/**
 	 * Validate if the credentials are correct, if not, return the old value so the update is skipped
 	 *
+	 * @phpcs:disable Generic.CodeAnalysis.UnusedFunctionParameter.FoundAfterLastUsed
+	 *
 	 * @param mixed  $value     The new, unserialized option value.
 	 * @param mixed  $old_value The old option value.
 	 * @param string $option    Option name.
@@ -152,7 +154,7 @@ public function validate_credentials( $value, $old_value, $option ) {
 		ProvenExpertAPI::$api_id  = get_option( 'efpe_api_id' );
 		ProvenExpertAPI::$api_key = $value;
 
-		// Try to get a API response with those crendentials.
+		// Try to get an API response with those crendentials.
 		$request = ProvenExpertAPI::post( '/widget/create', $args );
 
 		if ( ! is_wp_error( $request ) ) {

src/lib/Widgets/AbstractWidget.php

@@ -108,7 +108,7 @@ public function get_cached_widget( $args ) {
 		}
 
 		if ( isset( $cache[ $this->get_widget_id_for_cache( $args['widget_id'] ) ] ) ) {
-			echo $cache[ $this->get_widget_id_for_cache( $args['widget_id'] ) ]; // phpcs:ignore WordPress.XSS.EscapeOutput.OutputNotEscaped
+			echo $cache[ $this->get_widget_id_for_cache( $args['widget_id'] ) ]; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
 
 			return true;
 		}
@@ -178,12 +178,12 @@ protected function get_instance_title( $instance ) {
 	 * @param array $instance Instance.
 	 */
 	public function widget_start( $args, $instance ) {
-		echo $args['before_widget']; // phpcs:ignore WordPress.XSS.EscapeOutput.OutputNotEscaped
+		echo $args['before_widget']; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
 
 		$title = apply_filters( 'widget_title', $this->get_instance_title( $instance ), $instance, $this->id_base );
 
 		if ( $title ) {
-			echo $args['before_title'] . $title . $args['after_title']; // phpcs:ignore WordPress.XSS.EscapeOutput.OutputNotEscaped
+			echo $args['before_title'] . $title . $args['after_title']; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
 		}
 	}
 
@@ -193,7 +193,7 @@ public function widget_start( $args, $instance ) {
 	 * @param array $args Arguments.
 	 */
 	public function widget_end( $args ) {
-		echo $args['after_widget']; // phpcs:ignore WordPress.XSS.EscapeOutput.OutputNotEscaped
+		echo $args['after_widget']; // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
 	}
 
 	/**
@@ -273,7 +273,7 @@ public function form( $instance ) {
 				case 'text':
 					?>
 					<p class="efpe-setting <?php echo esc_attr( $class ); ?>">
-						<label for="<?php echo esc_attr( $this->get_field_id( $key ) ); ?>"><?php echo wp_kses_post( $setting['label'] ); ?><?php /* phpcs:ignore WordPress.XSS.EscapeOutput.OutputNotEscaped */ ?></label>
+						<label for="<?php echo esc_attr( $this->get_field_id( $key ) ); ?>"><?php echo wp_kses_post( $setting['label'] ); ?><?php /* phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped */ ?></label>
 						<input class="widefat" id="<?php echo esc_attr( $this->get_field_id( $key ) ); ?>" name="<?php echo esc_attr( $this->get_field_name( $key ) ); ?>" type="text" value="<?php echo esc_attr( $value ); ?>"/>
 					</p>
 					<?php
@@ -282,7 +282,7 @@ public function form( $instance ) {
 				case 'number':
 					?>
 					<p class="efpe-setting <?php echo esc_attr( $class ); ?>">
-						<label for="<?php echo esc_attr( $this->get_field_id( $key ) ); ?>"><?php echo $setting['label']; /* phpcs:ignore WordPress.XSS.EscapeOutput.OutputNotEscaped */ ?></label>
+						<label for="<?php echo esc_attr( $this->get_field_id( $key ) ); ?>"><?php echo $setting['label']; /* phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped */ ?></label>
 						<input class="widefat" id="<?php echo esc_attr( $this->get_field_id( $key ) ); ?>" name="<?php echo esc_attr( $this->get_field_name( $key ) ); ?>" type="number" step="<?php echo esc_attr( $setting['step'] ); ?>" min="<?php echo esc_attr( $setting['min'] ); ?>" max="<?php echo esc_attr( $setting['max'] ); ?>" value="<?php echo esc_attr( $value ); ?>"/>
 					</p>
 					<?php
@@ -291,7 +291,7 @@ public function form( $instance ) {
 				case 'select':
 					?>
 					<p class="efpe-setting <?php echo esc_attr( $class ); ?>">
-						<label for="<?php echo esc_attr( $this->get_field_id( $key ) ); ?>"><?php echo $setting['label']; /* phpcs:ignore WordPress.XSS.EscapeOutput.OutputNotEscaped */ ?></label>
+						<label for="<?php echo esc_attr( $this->get_field_id( $key ) ); ?>"><?php echo $setting['label']; /* phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped */ ?></label>
 						<select class="widefat" id="<?php echo esc_attr( $this->get_field_id( $key ) ); ?>" name="<?php echo esc_attr( $this->get_field_name( $key ) ); ?>">
 							<?php foreach ( $setting['options'] as $option_key => $option_value ) : ?>
 								<option value="<?php echo esc_attr( $option_key ); ?>" <?php selected( $option_key, $value ); ?>><?php echo esc_html( $option_value ); ?></option>
@@ -304,7 +304,7 @@ public function form( $instance ) {
 				case 'textarea':
 					?>
 					<p class="efpe-setting <?php echo esc_attr( $class ); ?>">
-						<label for="<?php echo esc_attr( $this->get_field_id( $key ) ); ?>"><?php echo $setting['label']; /* phpcs:ignore WordPress.XSS.EscapeOutput.OutputNotEscaped */ ?></label>
+						<label for="<?php echo esc_attr( $this->get_field_id( $key ) ); ?>"><?php echo $setting['label']; /* phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped */ ?></label>
 						<textarea class="widefat" id="<?php echo esc_attr( $this->get_field_id( $key ) ); ?>" name="<?php echo esc_attr( $this->get_field_name( $key ) ); ?>" cols="20" rows="3"><?php echo esc_textarea( $value ); ?></textarea>
 						<?php if ( isset( $setting['desc'] ) ) : ?>
 							<small><?php echo esc_html( $setting['desc'] ); ?></small>
@@ -317,7 +317,7 @@ public function form( $instance ) {
 					?>
 					<p class="efpe-setting <?php echo esc_attr( $class ); ?>">
 						<input class="checkbox" id="<?php echo esc_attr( $this->get_field_id( $key ) ); ?>" name="<?php echo esc_attr( $this->get_field_name( $key ) ); ?>" type="checkbox" value="1" <?php checked( $value, 1 ); ?> />
-						<label for="<?php echo esc_attr( $this->get_field_id( $key ) ); ?>"><?php echo $setting['label']; /* phpcs:ignore WordPress.XSS.EscapeOutput.OutputNotEscaped */ ?></label>
+						<label for="<?php echo esc_attr( $this->get_field_id( $key ) ); ?>"><?php echo $setting['label']; /* phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped */ ?></label>
 					</p>
 					<?php
 					break;