Merge pull request #18 from WebDevStudios/release/0.1.0

Release/0.1.0

.eslintrc.js

@@ -1,7 +1,7 @@
 module.exports = {
 	extends: [
-		'plugin:@wordpress/eslint-plugin/recommended',
-		'plugin:eslint-comments/recommended',
+		'plugin:@wordpress/eslint-plugin/recommended-with-formatting',
+		'plugin:prettier/recommended',
 	],
 	parserOptions: {
 		ecmaVersion: 2021,

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,63 +1,60 @@
 # Closes
 
 <!--
-REQUIRED. Please do not leave this blank, use this format to link issue numbers:
-[#WDS-123](https://webdevstudios.atlassian.net/browse/TICKET-NUMBER)
+REQUIRED. Please do not leave this blank. Use this format to link issue numbers:
+[#WDS-123](https://webdevstudios.atlassian.net/browse/WDS-123)
 -->
 
-## What type of PR is this? (put an x to all applicable)
-
-- [ ] 🍕 Feature
-- [ ] 🐛 Bug Fix
-- [ ] 📝 Documentation Update
-- [ ] 🎨 Style
-- [ ] 🧑‍💻 Code Refactor
-- [ ] 🔥 Performance Improvements
-- [ ] ✅ Test
-- [ ] 🤖 Build
-- [ ] 🔁 CI
-- [ ] 📦 Chore (Release)
-- [ ] ⏩ Revert
-
 ## Link to test
 
 <!--
-REQUIRED. Please do not leave this blank, use this format to link to testing environment:
+REQUIRED. Please do not leave this blank. Use this format to link to the testing environment:
 [Develop](https://wds.wdslab.com/)
 -->
 
 ## Description
 
 <!--
-REQUIRED. Please do not leave this blank
-This PR [adds/removes/fixes/replaces] the [feature/bug/etc].
+REQUIRED. Please do not leave this blank.
+Example:
+1. [#WDS-123](https://webdevstudios.atlassian.net/browse/WDS-123) - This PR [adds/removes/fixes/replaces] the [feature/bug/etc].
+2. Make sure to add the appropriate labels to this PR.
 -->
 
 ## Related Tickets & Documents
 
 <!--
-Please use this format link issue numbers: Fixes #WDS-123
-https://docs.github.com/en/free-pro-team@latest/github/managing-your-work-on-github/linking-a-pull-request-to-an-issue#linking-a-pull-request-to-an-issue-using-a-keyword
+Please use this format to link issue numbers: Fixes #WDS-123
 -->
 
 ## Mobile & Desktop Screenshots/Recordings
 
 <!--
-REQUIRED. Please do not leave this blank
-For visual alterations, provide screenshots or recordings For both desktop and mobile. You can utilize Loom for this purpose: https://www.loom.com/screen-recorder
+REQUIRED. Please do not leave this blank.
+For visual alterations, provide screenshots or recordings for both desktop and mobile. You can utilize Loom for this purpose: https://www.loom.com/screen-recorder
 -->
 
+## Added to documentation?
+
+- [ ] 📜 README.md
+- [ ] 📓 [Confluence](https://documentationlink.here)
+- [ ] 🙅 No documentation needed
+
 ## Added tests?
 
-- [ ] 👍 yes
-- [ ] 🙅 no, because they aren't needed
-- [ ] 🙋 no, because I need help
+- [ ] 👍 Yes
+- [ ] 🙅 No, because they aren't needed
+- [ ] 🙋 No, because I need help
 
-## Added to documentation?
+## Testing Instructions
 
-- [ ] 📜 README.md
-- [ ] 📓 [Confluence](https://webdevstudios.atlassian.net/wiki/spaces/wds1/pages/2988474566/Feature+Documentation)
-- [ ] 🙅 no documentation needed
+<!--
+Please include step-by-step instructions on how to test this PR.
+Example:
+1. Open a post or page.
+2. Insert a heading block.
+3. Verify that the heading block appears as expected.
+-->
 
 -----
 
@@ -67,23 +64,16 @@ For visual alterations, provide screenshots or recordings For both desktop and m
 REQUIRED For reviewers to fill in.
 -->
 
-As a reviewer, please ensure the following testing criteria are met and validated before approving this Pull Request.
+As a reviewer, please verify that the relevant testing criteria are fulfilled and confirmed before approving this Pull Request.
 
 - [ ] **Visual Regression Testing:** Ensure that existing functionality is not negatively impacted by the changes.
 - [ ] **Cross-Browser Compatibility:** Test on major browsers (Chrome, Firefox, Safari) to ensure compatibility.
 - [ ] **Mobile Responsiveness:** Confirm that the changes are responsive and functional on various mobile devices.
-- [ ] **Accessibility Testing:** Validate that the changes comply with accessibility standards.
-- [ ] **Linting:** Check that the code passes all linting checks (PHPCS, ESLint, SassLint).
 - [ ] **Theme Compatibility:** Ensure that the changes do not adversely affect the site's theme and styling.
-- [ ] **Plugin Compatibility:** Check if the changes are compatible with existing plugins and do not cause conflicts.
-- [ ] **Core Functionality:** Verify that the WordPress core functionalities are not disrupted.
-- [ ] **Custom Post Types and Taxonomies:** Confirm that any custom post types or taxonomies function as intended.
-- [ ] **Security Best Practices:** Ensure that the code follows WordPress security best practices.
-- [ ] **Performance:** Check for any performance issues, especially with database queries and page load times.
-- [ ] **SEO Considerations:** Where applicable, confirm that the changes do not negatively impact SEO elements.
-- [ ] **WordPress Coding Standards:** Ensure that the code adheres to WordPress coding standards.
+- [ ] **Linting:** Check that the code passes all linting checks (PHPCS, ESLint, SassLint). Check if PR passes code quality check.
+- [ ] **Accessibility Testing:** Validate that the changes comply with accessibility standards. Run `npm run a11y`.
+- [ ] **Security Best Practices:** Ensure that the code follows WordPress security best practices. Check if PR passes security check.
 - [ ] **Documentation:** Ensure that any new features or changes are appropriately documented in the README.md or Confluence.
-- [ ] **User Acceptance Testing (UAT):** If applicable, confirm that stakeholders have reviewed and accepted the changes.
 - [ ] **Post-Deployment Tasks:** Check if there are any tasks that need to be performed after deployment.
 
 ## [optional] Additional Reviewer Notes or Considerations?

.github/workflows/assertions.yml

@@ -1,70 +1,110 @@
 name: Code Quality
 
 on:
-    pull_request:
-    push:
-        branches:
-            - main
+  pull_request:
+  push:
+    branches:
+      - main
 
-# Cancel previous workflow run groups that have not completed.
 concurrency:
-    # Group workflow runs by workflow name, along with the head branch ref of the pull request
-    # or otherwise the branch or tag ref.
-    group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && github.head_ref || github.ref }}
-    cancel-in-progress: true
+  group: ${{ github.workflow }}-${{ github.event_name == 'pull_request' && github.head_ref || github.ref }}
+  cancel-in-progress: true
 
 jobs:
-    lint-css:
-        name: 'Lint: CSS'
-        runs-on: ubuntu-latest
-        steps:
-            - name: Checkout
-              uses: actions/checkout@v4
-
-            - name: Setup Node
-              uses: actions/setup-node@v4
-              with:
-                  node-version: 20
-
-            - name: Install Node dependencies
-              run: npm ci
-              env:
-                  CI: true
-
-            - name: Detect coding standard violations (stylelint)
-              run: npm run lint:css
-
-    lint-php:
-        name: 'Lint: PHP'
-        runs-on: ubuntu-latest
-        steps:
-            - name: Checkout
-              uses: actions/checkout@v4
-
-            - name: Setup PHP
-              uses: shivammathur/setup-php@v2
-              with:
-                  php-version: '8.2'
-                  coverage: none
-                  tools: cs2pr
-
-            - name: Get Composer Cache Directory
-              id: composer-cache
-              run: echo "::set-output name=dir::$(composer config cache-files-dir)"
-
-            - name: Configure Composer cache
-              uses: actions/cache@v4
-              with:
-                  path: ${{ steps.composer-cache.outputs.dir }}
-                  key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
-                  restore-keys: |
-                      ${{ runner.os }}-composer-
-
-            - name: Install Composer dependencies
-              run: composer install --prefer-dist --optimize-autoloader --no-progress --no-interaction
-
-            - name: Validate composer.json
-              run: composer --no-interaction validate --no-check-all
-
-            - name: Detect coding standard violations (PHPCS)
-              run: npm run lint:php
+  phpcs:
+    name: PHPCS check
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Setup PHP
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: '8.2'
+          ini-values: 'memory_limit=1G'
+          coverage: none
+          tools: cs2pr
+
+      - name: Get Composer Cache Directory
+        id: composer-cache
+        run: echo "::set-output name=dir::$(composer config cache-files-dir)"
+
+      - name: Configure Composer cache
+        uses: actions/cache@v4
+        with:
+          path: ${{ steps.composer-cache.outputs.dir }}
+          key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-composer-
+
+      - name: Install Composer dependencies
+        uses: ramsey/composer-install@v2
+        with:
+          custom-cache-suffix: $(date -u "+%Y-%m")
+
+      - name: Validate composer.json
+        run: composer --no-interaction validate --no-check-all
+
+      - name: Detect coding standard violations (PHPCS)
+        run: vendor/bin/phpcs --report-full --report-checkstyle=./phpcs-report.txt
+
+      - name: Upload PHPCS report
+        uses: actions/upload-artifact@v2
+        with:
+          name: phpcs-report
+          path: phpcs-report.txt
+
+  stylelint:
+    name: 'Lint: CSS'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Node
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20.12.2'
+          cache: 'npm'
+
+      - name: Unset npm_config_prefix
+        run: unset npm_config_prefix
+
+      - name: Check Node version
+        run: node -v
+
+      - name: Install Node dependencies
+        run: npm ci
+        env:
+          CI: true
+
+      - name: Lint Stylesheets
+        run: npm run lint:css
+
+  eslint:
+    name: 'Lint: JS'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Node
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20.12.2'
+          cache: 'npm'
+
+      - name: Unset npm_config_prefix
+        run: unset npm_config_prefix
+
+      - name: Check Node version
+        run: node -v
+
+      - name: Install Node dependencies
+        run: npm ci
+        env:
+          CI: true
+
+      - name: Lint JavaScript
+        run: npm run lint:js

.github/workflows/security.yml

@@ -0,0 +1,34 @@
+name: Security
+
+on:
+    # Run on all pushes and on all pull requests.
+    push:
+    pull_request:
+    # Also run this workflow every Monday at 6:00.
+    schedule:
+        - cron: '0 6 * * 1'
+    # Allow manually triggering the workflow.
+    workflow_dispatch:
+
+# Cancels all previous workflow runs for the same branch that have not yet completed.
+concurrency:
+    # The concurrency group contains the workflow name and the branch name.
+    group: ${{ github.workflow }}-${{ github.ref }}
+    cancel-in-progress: true
+
+jobs:
+    security:
+        name: 'Security check'
+        runs-on: ubuntu-latest
+
+        # Don't run the cronjob in this workflow on forks.
+        if: github.event_name != 'schedule' || (github.event_name == 'schedule' && github.repository_owner == 'webdevstudios')
+
+        steps:
+            - name: Checkout code
+              uses: actions/checkout@v4
+
+            # This action checks the `composer.lock` file against known security vulnerabilities in the dependencies.
+            # https://github.com/marketplace/actions/the-php-security-checker
+            - name: Run Security Check
+              uses: symfonycorp/security-checker-action@v5

.gitignore

@@ -26,3 +26,4 @@ build/
 
 #tests
 pa11y-ci-report/
+phpcs-report.txt

.markdownlintignore

@@ -0,0 +1,4 @@
+build
+node_modules
+vendor
+readme.md

.nvmrc

@@ -1 +1 @@
-20
+v20.12.2