Skip to content

fix: avoid calling wp_kses with null software versions #236

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 31, 2025
Merged

fix: avoid calling wp_kses with null software versions #236

merged 1 commit into from
Oct 31, 2025

Conversation

@javiercasares
Copy link
Owner

@javiercasares javiercasares commented Oct 31, 2025

Summary

  • guard detected software versions before sanitising them with wp_kses
  • return null when detection helpers yield empty values to avoid PHP 8.1+ deprecation warnings

Testing

  • vendor/bin/phpunit (fails: WordPress test library is not installed in the container)
  • vendor/bin/phpstan analyse --memory-limit=1G wpvulnerability-software.php (fails: plugin helper functions are not autoloaded for standalone analysis)
  • vendor/bin/phpcs wpvulnerability-software.php (fails: repository PHPCS configuration references a missing PHPCompatibilityWP sniff)

https://chatgpt.com/codex/tasks/task_b_69048ff5fb60832180ca626377fa6725

@amplify-security
Copy link
Contributor

amplify-security bot commented Oct 31, 2025

🔍 Amplify code check status:   status looks good

⚠️ 0 issues detected in   📄 1 file and   ❇️ 46 lines of code   🛠️ using Opengrep

Last updated by commit d604eeb at 2025-10-31 10:39:57 UTC.

@sonarqubecloud
Copy link

sonarqubecloud bot commented Oct 31, 2025

Quality Gate Passed Quality Gate passed

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@javiercasares javiercasares merged commit e68e9b2 into dev Oct 31, 2025
3 checks passed
@javiercasares javiercasares deleted the devel/fix-deprecated-preg_replace-usage branch October 31, 2025 10:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

codex

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@javiercasares