From 2496706ba3592d36cc4061bb91ca325537713141 Mon Sep 17 00:00:00 2001 From: DMarinhoCodacy Date: Fri, 10 Jul 2026 16:56:55 +0100 Subject: [PATCH 1/5] Remove PHPCS packages and patterns related --- ...oud-2026-07-remove-codesniffer-packages.md | 257 ++++++++++++++++++ 1 file changed, 257 insertions(+) create mode 100644 docs/release-notes/cloud/cloud-2026-07-remove-codesniffer-packages.md diff --git a/docs/release-notes/cloud/cloud-2026-07-remove-codesniffer-packages.md b/docs/release-notes/cloud/cloud-2026-07-remove-codesniffer-packages.md new file mode 100644 index 0000000000..c8fd682e8e --- /dev/null +++ b/docs/release-notes/cloud/cloud-2026-07-remove-codesniffer-packages.md @@ -0,0 +1,257 @@ +--- +rss_title: Codacy release notes RSS feed +rss_href: /feed_rss_created.xml +--- + +# PHP_CodeSniffer Upgrade and Legacy Package Deprecations – July 2026 + +We are preparing to upgrade our PHP CodeSniffer tool to the latest version. This update will bring vital performance improvements, better syntax parsing, and support for the latest PHP features. + +We know how important your current workflows and rule configurations are. However, to successfully complete this upgrade, we have encountered hard compatibility constraints with several older, unmaintained coding standard packages. To move forward, we must officially remove support for these legacy packages and their associated rules. + +## Packages Being Removed + +The following packages are incompatible with the latest PHP_CodeSniffer version or are no longer maintained, and will be dropped in this release: + +- automattic/vipwpcs +- magento/magento-coding-standard +- magento/marketplace-eqp +- pheromone/phpcs-security-audit +- wp-coding-standards/wpcs + +### What to expect + +As a result, pattern IDs from these packages will no longer be evaluated during your code scans, and any existing issues from them will disappear. + +Below is the comprehensive list of patterns that are being removed, categorized by their respective frameworks. If your projects rely on these specific checks, you may need to update your rulesets or migrate to modern, supported equivalents. + +#### Magento + +- MEQP1_Classes_Mysql4 +- MEQP1_Classes_ObjectInstantiation +- MEQP1_Classes_ResourceModel +- MEQP1_CodeAnalysis_EmptyBlock +- MEQP1_Exceptions_DirectThrow +- MEQP1_Exceptions_Namespace +- MEQP1_Performance_CollectionCount +- MEQP1_Performance_EmptyCheck +- MEQP1_Performance_InefficientMethods +- MEQP1_Performance_Loop +- MEQP1_PHP_Goto +- MEQP1_PHP_PrivateClassMember +- MEQP1_PHP_Syntax +- MEQP1_PHP_Var +- MEQP1_SQL_MissedIndexes +- MEQP1_SQL_RawQuery +- MEQP1_SQL_SlowQuery +- Magento2Framework_Header_Copyright +- Magento2Framework_Header_CopyrightAnotherExtensionsFiles +- Magento2Framework_Header_CopyrightGraphQL +- Magento2Framework_Header_License +- Magento2_Annotation_MethodAnnotationStructure +- Magento2_Annotation_MethodArguments +- Magento2_Classes_AbstractApi +- Magento2_Classes_DiscouragedDependencies +- Magento2_CodeAnalysis_EmptyBlock +- Magento2_Commenting_ClassAndInterfacePHPDocFormatting +- Magento2_Commenting_ClassPropertyPHPDocFormatting +- Magento2_Commenting_ConstantsPHPDocFormatting +- Magento2_Exceptions_DirectThrow +- Magento2_Exceptions_ThrowCatch +- Magento2_Exceptions_TryProcessSystemResources +- Magento2_Functions_DiscouragedFunction +- Magento2_Functions_FunctionsDeprecatedWithoutArgument +- Magento2_Functions_StaticFunction +- Magento2_GraphQL_AbstractGraphQL +- Magento2_GraphQL_ValidArgumentName +- Magento2_GraphQL_ValidEnumValue +- Magento2_GraphQL_ValidFieldName +- Magento2_GraphQL_ValidTopLevelFieldName +- Magento2_GraphQL_ValidTypeName +- Magento2_Html_HtmlBinding +- Magento2_Html_HtmlClosingVoidTags +- Magento2_Html_HtmlCollapsibleAttribute +- Magento2_Html_HtmlDirective +- Magento2_Html_HtmlSelfClosingTags +- Magento2_Legacy_AbstractBlock +- Magento2_Legacy_ClassReferencesInConfigurationFiles +- Magento2_Legacy_DiConfig +- Magento2_Legacy_EmailTemplate +- Magento2_Legacy_EscapeMethodsOnBlockClass +- Magento2_Legacy_InstallUpgrade +- Magento2_Legacy_Layout +- Magento2_Legacy_MageEntity +- Magento2_Legacy_ModuleXML +- Magento2_Legacy_ObsoleteAcl +- Magento2_Legacy_ObsoleteConfigNodes +- Magento2_Legacy_ObsoleteConnection +- Magento2_Legacy_ObsoleteMenu +- Magento2_Legacy_ObsoleteSystemConfiguration +- Magento2_Legacy_PhtmlTemplate +- Magento2_Legacy_RestrictedCode +- Magento2_Legacy_TableName +- Magento2_Legacy_WidgetXML +- Magento2_Less_AvoidId +- Magento2_Less_BracesFormatting +- Magento2_Less_ClassNaming +- Magento2_Less_ColonSpacing +- Magento2_Less_ColourDefinition +- Magento2_Less_CombinatorIndentation +- Magento2_Less_CommentLevels +- Magento2_Less_ImportantProperty +- Magento2_Less_Indentation +- Magento2_Less_PropertiesLineBreak +- Magento2_Less_PropertiesSorting +- Magento2_Less_Quotes +- Magento2_Less_SelectorDelimiter +- Magento2_Less_SemicolonSpacing +- Magento2_Less_TypeSelectorConcatenation +- Magento2_Less_TypeSelectors +- Magento2_Less_Variables +- Magento2_Less_ZeroUnits +- Magento2_Methods_DeprecatedModelMethod +- Magento2_Namespaces_ImportsFromTestNamespace +- Magento2_NamingConvention_InterfaceName +- Magento2_NamingConvention_ReservedWords +- Magento2_Performance_ForeachArrayMerge +- Magento2_PHP_ArrayAutovivification +- Magento2_PHP_AutogeneratedClassNotInConstructor +- Magento2_PHP_FinalImplementation +- Magento2_PHP_Goto +- Magento2_PHP_LiteralNamespaces +- Magento2_PHP_ReturnValueCheck +- Magento2_PHP_ShortEchoSyntax +- Magento2_PHP_Var +- Magento2_SQL_RawQuery +- Magento2_Whitespace_MultipleEmptyLines + +#### PHP CS Security + +- Security_BadFunctions_Asserts +- Security_BadFunctions_Backticks +- Security_BadFunctions_CallbackFunctions +- Security_BadFunctions_CryptoFunctions +- Security_BadFunctions_EasyRFI +- Security_BadFunctions_EasyXSS +- Security_BadFunctions_ErrorHandling +- Security_BadFunctions_FilesystemFunctions +- Security_BadFunctions_FringeFunctions +- Security_BadFunctions_FunctionHandlingFunctions +- Security_BadFunctions_Mysqli +- Security_BadFunctions_NoEvals +- Security_BadFunctions_Phpinfos +- Security_BadFunctions_PregReplace +- Security_BadFunctions_SQLFunctions +- Security_BadFunctions_SystemExecFunctions +- Security_CVE_20132110 +- Security_CVE_20134113 +- Security_Drupal7_AESModule +- Security_Drupal7_AdvisoriesContrib +- Security_Drupal7_AdvisoriesCore +- Security_Drupal7_Cachei +- Security_Drupal7_DbQueryAC +- Security_Drupal7_DynQueries +- Security_Drupal7_HttpRequest +- Security_Drupal7_SQLi +- Security_Drupal7_UserInputWatch +- Security_Drupal7_XSSFormValue +- Security_Drupal7_XSSHTMLConstruct +- Security_Drupal7_XSSPTheme +- Security_Misc_BadCorsHeader +- Security_Misc_IncludeMismatch + +#### WordPress + +- WordPressVIPMinimum_Classes_DeclarationCompatibility +- WordPressVIPMinimum_Classes_RestrictedExtendClasses +- WordPressVIPMinimum_Constants_ConstantString +- WordPressVIPMinimum_Constants_RestrictedConstants +- WordPressVIPMinimum_Files_IncludingFile +- WordPressVIPMinimum_Files_IncludingNonPHPFile +- WordPressVIPMinimum_Functions_CheckReturnValue +- WordPressVIPMinimum_Functions_DynamicCalls +- WordPressVIPMinimum_Functions_RestrictedFunctions +- WordPressVIPMinimum_Functions_StripTags +- WordPressVIPMinimum_Hooks_AlwaysReturnInFilter +- WordPressVIPMinimum_Hooks_PreGetPosts +- WordPressVIPMinimum_Hooks_RestrictedHooks +- WordPressVIPMinimum_JS_DangerouslySetInnerHTML +- WordPressVIPMinimum_JS_HTMLExecutingFunctions +- WordPressVIPMinimum_JS_InnerHTML +- WordPressVIPMinimum_JS_StringConcat +- WordPressVIPMinimum_JS_StrippingTags +- WordPressVIPMinimum_JS_Window +- WordPressVIPMinimum_Performance_CacheValueOverride +- WordPressVIPMinimum_Performance_FetchingRemoteData +- WordPressVIPMinimum_Performance_LowExpiryCacheTime +- WordPressVIPMinimum_Performance_NoPaging +- WordPressVIPMinimum_Performance_OrderByRand +- WordPressVIPMinimum_Performance_RegexpCompare +- WordPressVIPMinimum_Performance_RemoteRequestTimeout +- WordPressVIPMinimum_Performance_TaxonomyMetaInOptions +- WordPressVIPMinimum_Performance_WPQueryParams +- WordPressVIPMinimum_Security_EscapingVoidReturnFunctions +- WordPressVIPMinimum_Security_ExitAfterRedirect +- WordPressVIPMinimum_Security_Mustache +- WordPressVIPMinimum_Security_PHPFilterFunctions +- WordPressVIPMinimum_Security_ProperEscapingFunction +- WordPressVIPMinimum_Security_StaticStrreplace +- WordPressVIPMinimum_Security_Twig +- WordPressVIPMinimum_Security_Underscorejs +- WordPressVIPMinimum_Security_Vuejs +- WordPressVIPMinimum_UserExperience_AdminBarRemoval +- WordPressVIPMinimum_Variables_RestrictedVariables +- WordPressVIPMinimum_Variables_ServerVariables +- WordPress_Arrays_ArrayDeclarationSpacing +- WordPress_Arrays_ArrayIndentation +- WordPress_Arrays_ArrayKeySpacingRestrictions +- WordPress_Arrays_MultipleStatementAlignment +- WordPress_CodeAnalysis_AssignmentInTernaryCondition +- WordPress_CodeAnalysis_EscapedNotTranslated +- WordPress_DB_DirectDatabaseQuery +- WordPress_DB_PreparedSQLPlaceholders +- WordPress_DB_RestrictedClasses +- WordPress_DB_RestrictedFunctions +- WordPress_DB_SlowDBQuery +- WordPress_DateTime_CurrentTimeTimestamp +- WordPress_DateTime_RestrictedFunctions +- WordPress_Files_FileName +- WordPress_NamingConventions_PrefixAllGlobals +- WordPress_NamingConventions_ValidFunctionName +- WordPress_NamingConventions_ValidHookName +- WordPress_NamingConventions_ValidPostTypeSlug +- WordPress_NamingConventions_ValidVariableName +- WordPress_PHP_DevelopmentFunctions +- WordPress_PHP_DiscouragedPHPFunctions +- WordPress_PHP_DontExtract +- WordPress_PHP_IniSet +- WordPress_PHP_NoSilencedErrors +- WordPress_PHP_POSIXFunctions +- WordPress_PHP_PregQuoteDelimiter +- WordPress_PHP_RestrictedPHPFunctions +- WordPress_PHP_StrictInArray +- WordPress_PHP_TypeCasts +- WordPress_PHP_YodaConditions +- WordPress_WP_AlternativeFunctions +- WordPress_WP_Capabilities +- WordPress_WP_CapitalPDangit +- WordPress_WP_ClassNameCase +- WordPress_WP_CronInterval +- WordPress_WP_DeprecatedClasses +- WordPress_WP_DeprecatedFunctions +- WordPress_WP_DeprecatedParameterValues +- WordPress_WP_DeprecatedParameters +- WordPress_WP_DiscouragedConstants +- WordPress_WP_DiscouragedFunctions +- WordPress_WP_EnqueuedResourceParameters +- WordPress_WP_EnqueuedResources +- WordPress_WP_GlobalVariablesOverride +- WordPress_WP_I18n +- WordPress_WP_PostsPerPage +- WordPress_WhiteSpace_CastStructureSpacing +- WordPress_WhiteSpace_ControlStructureSpacing +- WordPress_WhiteSpace_ObjectOperatorSpacing +- WordPress_WhiteSpace_OperatorSpacing + + +If you have any questions regarding this update or need assistance migrating to modern equivalents for these checks, please reach out to our support team. \ No newline at end of file From 3b8c47ee4b3a219f7397e088630759e6517ebbda Mon Sep 17 00:00:00 2001 From: DMarinhoCodacy Date: Fri, 10 Jul 2026 17:00:27 +0100 Subject: [PATCH 2/5] add mentions in index --- docs/release-notes/index.md | 1 + mkdocs.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/docs/release-notes/index.md b/docs/release-notes/index.md index ac0eaacd6c..92ec489feb 100644 --- a/docs/release-notes/index.md +++ b/docs/release-notes/index.md @@ -18,6 +18,7 @@ For product updates that are in progress or planned [visit the Codacy public roa 2026 +- [PHP_CodeSniffer Upgrade and Legacy Package Deprecations July, 2026](cloud/cloud-2026-07-remove-codesniffer-packages.md) - [Cloud June 2026](cloud/cloud-2026-06.md) - [Cloud May 2026](cloud/cloud-2026-05.md) - [Cloud April 2026](cloud/cloud-2026-04.md) diff --git a/mkdocs.yml b/mkdocs.yml index 2c0fa64011..bc0d252130 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -691,6 +691,7 @@ nav: - release-notes/index.md - Cloud: - 2026: + - release-notes/cloud/cloud-2026-07-remove-codesniffer-packages.md) - release-notes/cloud/cloud-2026-06.md - release-notes/cloud/cloud-2026-05.md - release-notes/cloud/cloud-2026-04.md From d27ea7c1b1e1da3b0561804d50f07704685227fd Mon Sep 17 00:00:00 2001 From: DMarinhoCodacy Date: Fri, 10 Jul 2026 17:00:55 +0100 Subject: [PATCH 3/5] add new line --- .../cloud/cloud-2026-07-remove-codesniffer-packages.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/release-notes/cloud/cloud-2026-07-remove-codesniffer-packages.md b/docs/release-notes/cloud/cloud-2026-07-remove-codesniffer-packages.md index c8fd682e8e..263b212377 100644 --- a/docs/release-notes/cloud/cloud-2026-07-remove-codesniffer-packages.md +++ b/docs/release-notes/cloud/cloud-2026-07-remove-codesniffer-packages.md @@ -254,4 +254,4 @@ Below is the comprehensive list of patterns that are being removed, categorized - WordPress_WhiteSpace_OperatorSpacing -If you have any questions regarding this update or need assistance migrating to modern equivalents for these checks, please reach out to our support team. \ No newline at end of file +If you have any questions regarding this update or need assistance migrating to modern equivalents for these checks, please reach out to our support team. From f28388daedfb434a1a7eef3367621eb13c5edbbe Mon Sep 17 00:00:00 2001 From: DMarinhoCodacy Date: Fri, 10 Jul 2026 17:02:09 +0100 Subject: [PATCH 4/5] improve copy --- .../cloud/cloud-2026-07-remove-codesniffer-packages.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/release-notes/cloud/cloud-2026-07-remove-codesniffer-packages.md b/docs/release-notes/cloud/cloud-2026-07-remove-codesniffer-packages.md index 263b212377..72d27e4976 100644 --- a/docs/release-notes/cloud/cloud-2026-07-remove-codesniffer-packages.md +++ b/docs/release-notes/cloud/cloud-2026-07-remove-codesniffer-packages.md @@ -23,7 +23,7 @@ The following packages are incompatible with the latest PHP_CodeSniffer version As a result, pattern IDs from these packages will no longer be evaluated during your code scans, and any existing issues from them will disappear. -Below is the comprehensive list of patterns that are being removed, categorized by their respective frameworks. If your projects rely on these specific checks, you may need to update your rulesets or migrate to modern, supported equivalents. +Below is the comprehensive list of patterns that are being removed, categorized by their respective frameworks. #### Magento From 63567ae2f0ad099167e95d544e15ca8ea6c89a7e Mon Sep 17 00:00:00 2001 From: DMarinhoCodacy Date: Fri, 10 Jul 2026 17:05:15 +0100 Subject: [PATCH 5/5] remove typo --- mkdocs.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mkdocs.yml b/mkdocs.yml index bc0d252130..1fc74ce711 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -691,7 +691,7 @@ nav: - release-notes/index.md - Cloud: - 2026: - - release-notes/cloud/cloud-2026-07-remove-codesniffer-packages.md) + - release-notes/cloud/cloud-2026-07-remove-codesniffer-packages.md - release-notes/cloud/cloud-2026-06.md - release-notes/cloud/cloud-2026-05.md - release-notes/cloud/cloud-2026-04.md