Automatically Catching Bugs in Plugins

Author: WordPress.org

Date: April 27, 2021 

Category: Make WordPress Meta

A Problem

There are times when it’s difficult for a plugin developer to know the most secure way to implement something (e.g., preparing a SQL query with conditional clauses), and it can be easy to overlook bugs and bad practices when there are thousands of lines of code.

That creates bad experiences for users when something breaks or their site is hacked.

A Potential Solution

Static code analysis could help to catch bugs, and inform developers how to fix them. It could also reduce the amount of time the Plugin team spends doing manual reviews.

The Coding Standards project has