Resolve Travis CI build issues && add PHP 7.4, 8.0

.travis.yml

@@ -5,6 +5,9 @@ cache:
   - "$HOME/.yarn"
   - "./node_modules"
 before_install:
+- composer self-update 1.10.26
+- nvm install 10
+- nvm use 10
 - travis_retry yarn
 jobs:
   include:
@@ -24,8 +27,16 @@ jobs:
     php: 7.3
     script:
     - "./bin/lint.sh"
+  - stage: lint
+    php: 7.4
+    script:
+    - "./bin/lint.sh"
+  - stage: lint
+    php: 8.0
+    script:
+    - "./bin/lint.sh"
   - stage: deploy
-    php: 7.2
+    php: 7.4
     script:
     - "./bin/build.sh"
     if: branch = master

author.php

@@ -20,7 +20,7 @@
 			<div class="authorMeta">
 				<h1><?php echo esc_html( $author_name ); ?></h1>
 				<?php if ( isset( $author_image ) && ! empty( $author_image ) ) : ?>
-					<img class="authorMeta-image" src="<?php echo esc_html( $author_image ); ?>" alt="Photo of <?php echo esc_html( $author_name ); ?>">
+					<img class="authorMeta-image" src="<?php echo esc_url( $author_image ); ?>" alt="Photo of <?php echo esc_attr( $author_name ); ?>">
 				<?php endif; ?>
 			</div>
 

bin/lint.sh

@@ -1,6 +1,7 @@
 #!/usr/bin/env sh
+
 composer global require \
-  dealerdirect/phpcodesniffer-composer-installer:0.5.0 \
-  wp-coding-standards/wpcs:1.2.1 \
-  automattic/vipwpcs:0.4.0 \
+  dealerdirect/phpcodesniffer-composer-installer:0.7.2 \
+  wp-coding-standards/wpcs:2.3.0 \
+  automattic/vipwpcs:2.3.0 \
   && yarn lint

block-languages/benenson-blocks.pot

@@ -37,7 +37,7 @@ msgid "Centre align the action block."
 msgstr ""
 
 #: src/scripts/blocks/action/DisplayComponent.js:80
-#: src/scripts/blocks/image/DisplayComponent.js:239
+#: src/scripts/blocks/image/DisplayComponent.js:237
 #: src/scripts/blocks/post-list/components/editable/GridItem.js:57
 #: src/scripts/blocks/post-list/components/editable/PostItem.js:96
 #: src/scripts/blocks/post-list/components/editable/SplitGridItem.js:65
@@ -174,14 +174,14 @@ msgstr ""
 # text alignment. for RTL languages, localise as 'Right'
 #: src/scripts/blocks/blockquote/index.js:227
 #: src/scripts/blocks/header/DisplayComponent.js:77
-#: src/scripts/blocks/image/DisplayComponent.js:201
+#: src/scripts/blocks/image/DisplayComponent.js:199
 #: src/scripts/blocks/link/DisplayComponent.js:41
 #: src/scripts/blocks/slider/DisplayComponent.js:37
 msgid "Left"
 msgstr ""
 
 #: src/scripts/blocks/blockquote/index.js:228
-#: src/scripts/blocks/image/DisplayComponent.js:197
+#: src/scripts/blocks/image/DisplayComponent.js:195
 #: src/scripts/blocks/section/index.js:53
 #: src/scripts/blocks/tweet/index.js:26
 msgid "Default"
@@ -190,7 +190,7 @@ msgstr ""
 # text alignment. for RTL languages, localise as 'Left'
 #: src/scripts/blocks/blockquote/index.js:233
 #: src/scripts/blocks/header/DisplayComponent.js:84
-#: src/scripts/blocks/image/DisplayComponent.js:208
+#: src/scripts/blocks/image/DisplayComponent.js:206
 #: src/scripts/blocks/link/DisplayComponent.js:47
 #: src/scripts/blocks/slider/DisplayComponent.js:44
 msgid "Right"
@@ -199,20 +199,20 @@ msgstr ""
 #: src/scripts/blocks/blockquote/index.js:289
 #: src/scripts/blocks/header/DisplayComponent.js:115
 #: src/scripts/blocks/links-with-icons/InnerDisplayComponent.js:223
-#: src/scripts/blocks/logo-list/InnerDisplayComponent.js:95
+#: src/scripts/blocks/logo-list/InnerDisplayComponent.js:94
 #: src/scripts/blocks/section/DisplayComponent.js:61
 msgid "Small"
 msgstr ""
 
 #: src/scripts/blocks/blockquote/index.js:292
 #: src/scripts/blocks/links-with-icons/InnerDisplayComponent.js:226
-#: src/scripts/blocks/logo-list/InnerDisplayComponent.js:98
+#: src/scripts/blocks/logo-list/InnerDisplayComponent.js:97
 msgid "Medium"
 msgstr ""
 
 #: src/scripts/blocks/blockquote/index.js:295
 #: src/scripts/blocks/links-with-icons/InnerDisplayComponent.js:229
-#: src/scripts/blocks/logo-list/InnerDisplayComponent.js:101
+#: src/scripts/blocks/logo-list/InnerDisplayComponent.js:100
 msgid "Large"
 msgstr ""
 
@@ -232,7 +232,7 @@ msgstr ""
 
 #: src/scripts/blocks/blockquote/index.js:323
 #: src/scripts/blocks/header/DisplayComponent.js:123
-#: src/scripts/blocks/image/DisplayComponent.js:220
+#: src/scripts/blocks/image/DisplayComponent.js:218
 msgid "Alignment"
 msgstr ""
 
@@ -328,7 +328,7 @@ msgid "(Heading)"
 msgstr ""
 
 #: src/scripts/blocks/call-to-action/DisplayComponent.js:83
-#: src/scripts/blocks/image/DisplayComponent.js:286
+#: src/scripts/blocks/image/DisplayComponent.js:284
 #: src/scripts/blocks/slider/DisplayComponent.js:322
 msgid "(Content)"
 msgstr ""
@@ -460,12 +460,12 @@ msgid "Edit File"
 msgstr ""
 
 #: src/scripts/blocks/header/DisplayComponent.js:104
-#: src/scripts/blocks/image/DisplayComponent.js:389
+#: src/scripts/blocks/image/DisplayComponent.js:387
 msgid "Image"
 msgstr ""
 
 #: src/scripts/blocks/header/DisplayComponent.js:107
-#: src/scripts/blocks/image/DisplayComponent.js:392
+#: src/scripts/blocks/image/DisplayComponent.js:390
 msgid "Video"
 msgstr ""
 
@@ -475,7 +475,7 @@ msgid "Normal"
 msgstr ""
 
 #: src/scripts/blocks/header/DisplayComponent.js:141
-#: src/scripts/blocks/image/DisplayComponent.js:387
+#: src/scripts/blocks/image/DisplayComponent.js:385
 msgid "Background Type"
 msgstr ""
 
@@ -516,7 +516,7 @@ msgid "(Call to action)"
 msgstr ""
 
 #: src/scripts/blocks/header/DisplayComponent.js:80
-#: src/scripts/blocks/image/DisplayComponent.js:205
+#: src/scripts/blocks/image/DisplayComponent.js:203
 #: src/scripts/blocks/slider/DisplayComponent.js:40
 msgid "Centre"
 msgstr ""
@@ -594,61 +594,61 @@ msgstr ""
 msgid "Responsive Iframe"
 msgstr ""
 
-#: src/scripts/blocks/image/DisplayComponent.js:144
+#: src/scripts/blocks/image/DisplayComponent.js:142
 #: src/scripts/blocks/link/DisplayComponent.js:90
 msgid "(Link Text)"
 msgstr ""
 
-#: src/scripts/blocks/image/DisplayComponent.js:152
+#: src/scripts/blocks/image/DisplayComponent.js:150
 msgid "Remove Button"
 msgstr ""
 
-#: src/scripts/blocks/image/DisplayComponent.js:189
+#: src/scripts/blocks/image/DisplayComponent.js:187
 msgid "Fixed Height (600px)"
 msgstr ""
 
-#: src/scripts/blocks/image/DisplayComponent.js:192
+#: src/scripts/blocks/image/DisplayComponent.js:190
 msgid "Actual Height"
 msgstr ""
 
-#: src/scripts/blocks/image/DisplayComponent.js:214
+#: src/scripts/blocks/image/DisplayComponent.js:212
 msgid "Image Style"
 msgstr ""
 
-#: src/scripts/blocks/image/DisplayComponent.js:221
+#: src/scripts/blocks/image/DisplayComponent.js:219
 msgid "Only has an effect on images smaller than their container"
 msgstr ""
 
-#: src/scripts/blocks/image/DisplayComponent.js:280
+#: src/scripts/blocks/image/DisplayComponent.js:278
 msgid "(Title)"
 msgstr ""
 
-#: src/scripts/blocks/image/DisplayComponent.js:297
+#: src/scripts/blocks/image/DisplayComponent.js:295
 msgid "Add Button"
 msgstr ""
 
-#: src/scripts/blocks/image/DisplayComponent.js:321
+#: src/scripts/blocks/image/DisplayComponent.js:319
 msgid "Choose Video"
 msgstr ""
 
-#: src/scripts/blocks/image/DisplayComponent.js:336
+#: src/scripts/blocks/image/DisplayComponent.js:334
 #: src/scripts/packages/editor/PostFeaturedVideo.js:79
 msgid "Replace Video"
 msgstr ""
 
-#: src/scripts/blocks/image/DisplayComponent.js:340
+#: src/scripts/blocks/image/DisplayComponent.js:338
 msgid "Remove Video"
 msgstr ""
 
-#: src/scripts/blocks/image/DisplayComponent.js:404
+#: src/scripts/blocks/image/DisplayComponent.js:402
 msgid "Display Overlay"
 msgstr ""
 
-#: src/scripts/blocks/image/DisplayComponent.js:409
+#: src/scripts/blocks/image/DisplayComponent.js:407
 msgid "Enable Parallax"
 msgstr ""
 
-#: src/scripts/blocks/image/DisplayComponent.js:429
+#: src/scripts/blocks/image/DisplayComponent.js:427
 msgid "(Insert Caption, if required)"
 msgstr ""
 
@@ -752,8 +752,8 @@ msgstr ""
 msgid "Add a links-with-icons block"
 msgstr ""
 
-#: src/scripts/blocks/links-with-icons/InnerDisplayComponent.js:104
-#: src/scripts/blocks/logo-list/InnerDisplayComponent.js:56
+#: src/scripts/blocks/links-with-icons/InnerDisplayComponent.js:105
+#: src/scripts/blocks/logo-list/InnerDisplayComponent.js:55
 msgid "Pick an image"
 msgstr ""
 
@@ -779,12 +779,12 @@ msgid "Style"
 msgstr ""
 
 #: src/scripts/blocks/links-with-icons/InnerDisplayComponent.js:243
-#: src/scripts/blocks/logo-list/InnerDisplayComponent.js:113
+#: src/scripts/blocks/logo-list/InnerDisplayComponent.js:112
 msgid "Icon Size"
 msgstr ""
 
 #: src/scripts/blocks/links-with-icons/InnerDisplayComponent.js:249
-#: src/scripts/blocks/logo-list/InnerDisplayComponent.js:119
+#: src/scripts/blocks/logo-list/InnerDisplayComponent.js:118
 msgid "Hide Image Credit Display"
 msgstr ""
 

footer.php

@@ -23,7 +23,7 @@
 			<?php if ( $footer_section['title'] || $footer_section['content'] ) : ?>
 				<li class="page-footerSection page-footerSection--large">
 				<?php if ( $footer_section['title'] ) : ?>
-					<a><?php echo esc_attr( $footer_section['title'] ); ?></a>
+					<a><?php echo esc_html( $footer_section['title'] ); ?></a>
 				<?php endif; ?>
 
 				<?php if ( $footer_section['content'] ) : ?>

header.php

@@ -71,7 +71,7 @@
 
 <?php do_action( 'benenson_after_body_open_tag' ); ?>
 
-<?php require_once get_template_directory() . '/assets/images/symbol-defs.svg'; ?>
+<?php require_once get_template_directory() . '/assets/images/symbol-defs.svg'; // phpcs:ignore WordPressVIPMinimum.Files.IncludingNonPHPFile.IncludingSVGCSSFile ?>
 
 <a class="skipLink" href="#main"><?php echo esc_html( /* translators: Label for screen reader/keyboard users */ __( 'Skip to main content', 'benenson' ) ); ?></a>
 
@@ -84,22 +84,22 @@
 				<?php benenson_nav( 'main-menu' ); ?>
 			</ul>
 			<?php if ( ! benenson_get_option( '_search_disabled', false ) && ! benenson_get_option( '_search_navigation_disabled', false ) ) : ?>
-			<div class="page-headerSearchContainer" role="search" aria-label="<?php echo esc_attr( 'Search', 'benenson' ); ?>">
+			<div class="page-headerSearchContainer" role="search" aria-label="<?php echo esc_attr__( 'Search', 'benenson' ); ?>">
 				<button data-toggle-search class="page-headerSearch" role="button" aria-label="<?php echo esc_attr( __( 'Show search form', 'benenson' ) ); ?>">
-					<span class="u-hiddenVisually"><?php esc_attr_e( 'Search', 'benenson' ); ?></span>
+					<span class="u-hiddenVisually"><?php esc_html_e( 'Search', 'benenson' ); ?></span>
 				</button>
 				<?php get_search_form(); ?>
 			</div>
 			<?php endif; ?>
-			<button class="page-headerHamburger" data-toggle-menu role="button" aria-expanded="false" aria-label="<?php echo esc_attr( 'Open navigation', 'benenson' ); ?>"><span></span></button>
+			<button class="page-headerHamburger" data-toggle-menu role="button" aria-expanded="false" aria-label="<?php echo esc_attr__( 'Open navigation', 'benenson' ); ?>"><span></span></button>
 		</nav>
 	</div>
 </header>
 
 <div class="page-mobileMenuOverlay" data-toggle-menu aria-hidden="true">
 	<section class="page-mobileMenu">
 		<header class="page-mobileMenuHeader">
-			<h2><?php esc_attr_e( 'Main Menu', 'benenson' ); ?></h2>
+			<h2><?php esc_html_e( 'Main Menu', 'benenson' ); ?></h2>
 			<button data-toggle-menu tabindex="-1" role="button" aria-expanded="true" aria-label="<?php echo esc_attr( __( 'Close navigation', 'benenson' ) ); ?>"></button>
 		</header>
 		<nav class="page-mobileMenuNav">

includes/analytics-output.php

@@ -110,7 +110,7 @@ function benenson_analytics_fallback() {
 			?>
 			<!-- Google Tag Manager (noscript) -->
 			<noscript>
-				<iframe src="https://www.googletagmanager.com/ns.html?id=<?php echo esc_html( $google_tag_manager ); ?>" height="0" width="0" style="display:none;visibility:hidden"></iframe>
+				<iframe src="https://www.googletagmanager.com/ns.html?id=<?php echo esc_attr( $google_tag_manager ); ?>" height="0" width="0" style="display:none;visibility:hidden"></iframe>
 			</noscript>
 			<!-- End Google Tag Manager (noscript) -->
 			<?php

includes/blocks/header/render.php

@@ -66,12 +66,14 @@ function benenson_render_header_block( array $attributes = [] ) {
 			);
 		}
 
+		// phpcs:disable WordPressVIPMinimum.Security.ProperEscapingFunction.notAttrEscAttr
 		printf(
 			'<section id="banner-%s" class="page-hero %s" role="figure" aria-label="%s">',
 			esc_attr( $banner_identifier ),
 			esc_attr( implode( ' ', $classlist ) ),
 			esc_attr( $attributes['title'] )
 		);
+		// phpcs:enable WordPressVIPMinimum.Security.ProperEscapingFunction.notAttrEscAttr
 
 		if ( 'video' === $attributes['type'] ) {
 			printf(

includes/blocks/list-block/render.php

@@ -464,6 +464,7 @@ function benenson_render_list_block( $attributes ) {
 		ob_start();
 
 		if ( isset( $attributes['style'] ) && 'grid' === $attributes['style'] ) {
+			// phpcs:ignore WordPressVIPMinimum.Security.ProperEscapingFunction.notAttrEscAttr
 			printf( '<div class="grid grid-%s">', esc_attr( count( $data ) ) );
 			array_map( 'benenson_render_grid_item', $data );
 			print '</div>';
@@ -472,6 +473,7 @@ function benenson_render_list_block( $attributes ) {
 		}
 
 		if ( isset( $attributes['style'] ) && 'post' === $attributes['style'] ) {
+			// phpcs:ignore WordPressVIPMinimum.Security.ProperEscapingFunction.notAttrEscAttr
 			printf( '<div class="grid grid-%s">', esc_attr( count( $data ) ) );
 			array_map( 'benenson_render_post_item', $data );
 			print '</div>';
@@ -480,6 +482,7 @@ function benenson_render_list_block( $attributes ) {
 		}
 
 		if ( isset( $attributes['style'] ) && 'splitgrid' === $attributes['style'] ) {
+			// phpcs:ignore WordPressVIPMinimum.Security.ProperEscapingFunction.notAttrEscAttr
 			printf( '<div class="splitGrid splitGrid-%s">', esc_attr( count( $data ) ) );
 			$index = 0;
 			$total = count( $data );

includes/disable-rest-api.php

@@ -1,5 +1,7 @@
 <?php
 
+// phpcs:disable WordPressVIPMinimum.Hooks.AlwaysReturnInFilter.MissingReturnStatement
+
 /**
  * Disables the rest API for users that are not logged in.
  *
@@ -45,3 +47,5 @@ function benenson_disable_rest_api( $result ) {
 }
 
 add_filter( 'rest_authentication_errors', 'benenson_disable_rest_api' );
+
+// phpcs:enable WordPressVIPMinimum.Hooks.AlwaysReturnInFilter.MissingReturnStatement

includes/mobile-nav-walker.php

@@ -143,11 +143,13 @@ public function start_el( &$output, $item, $depth = 0, $args = [], $id = 0 ) {
 		$item_output .= $args->link_before . $title . $args->link_after;
 		$item_output .= '</a>';
 		if ( $has_children ) {
+			// phpcs:disable WordPressVIPMinimum.Security.ProperEscapingFunction.notAttrEscAttr
 			$item_output .= sprintf(
 				'<button class="page-mobileMenuToggle" role="button" aria-expanded="false" aria-label="%1$s" tabindex="-1"><span class="u-hiddenVisually">%1$s</span></button>',
 				/* translators: Accessibility label for mobile navigation dropdown button */
 				esc_attr( sprintf( __( 'Expand %s sub-list', 'benenson' ), $title ) )
 			);
+			// phpcs:enable WordPressVIPMinimum.Security.ProperEscapingFunction.notAttrEscAttr
 		}
 		$item_output .= $args->after;
 

includes/taxonomies.php

@@ -131,12 +131,14 @@ function is_current_category( WP_Term $cat ) {
  */
 if ( ! function_exists( 'print_category_option' ) ) {
 	function print_category_option( WP_Term $cat ) {
+		// phpcs:disable WordPressVIPMinimum.Security.ProperEscapingFunction.notAttrEscAttr
 		printf(
 			'<option value="%s" %s>%s</option>',
 			esc_attr( get_term_link( $cat ) ),
 			esc_attr( is_current_category( $cat ) ? 'selected' : '' ),
 			esc_html( $cat->name )
 		);
+		// phpcs:enable WordPressVIPMinimum.Security.ProperEscapingFunction.notAttrEscAttr
 	}
 }