wpallstars/wp-plugin-starter-template-for-ai-coding
Template
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
wp-plugin-starter-template-…/.ai-workflows/code-review.md
marcusquinn 342eefd471
Some checks failed
Tests / PHP 7.0 (push) Has been cancelled
Details
Tests / PHP 7.4 (push) Has been cancelled
Details
Tests / PHP 8.0 (push) Has been cancelled
Details
Tests / Code Style (push) Has been cancelled
Details
Release / Build and Release (push) Has been cancelled
Details
Update documentation with AI IDE context recommendations and improve starter prompt
2025-04-18 03:57:43 +01:00

4.4 KiB
Raw Permalink Blame History

Code Review Guide for AI Assistants

This document provides guidance for AI assistants to help with code review for the Fix Plugin Does Not Exist Notices plugin.

Code Review Checklist

When reviewing code, check for the following:

Functionality

  • Does the code work as expected?
  • Does it handle edge cases appropriately?
  • Are there any logical errors?
  • Is error handling implemented properly?

Code Quality

  • Does the code follow WordPress coding standards?
  • Is the code well-organized and easy to understand?
  • Are there any code smells (duplicate code, overly complex functions, etc.)?
  • Are functions and variables named appropriately?
  • Are there appropriate comments and documentation?

Security

  • Is user input properly validated and sanitized?
  • Is output properly escaped?
  • Are capability checks used for user actions?
  • Are nonces used for form submissions?
  • Are there any potential SQL injection vulnerabilities?
  • Are there any potential XSS vulnerabilities?

Performance

  • Are there any performance bottlenecks?
  • Are database queries optimized?
  • Is caching used appropriately?
  • Are assets (CSS, JS) properly enqueued?

Compatibility

  • Is the code compatible with the minimum supported WordPress version (5.0)?
  • Is the code compatible with the minimum supported PHP version (7.0)?
  • Are there any browser compatibility issues?
  • Are there any conflicts with other plugins?

Internationalization

  • Are all user-facing strings translatable?
  • Is the correct text domain used?
  • Are translation functions used correctly?

Accessibility

  • Does the code follow accessibility best practices?
  • Are ARIA attributes used appropriately?
  • Is keyboard navigation supported?
  • Is screen reader support implemented?

Code Review Process

1. Understand the Context

Before reviewing code, understand:

  • What problem is the code trying to solve?
  • What are the requirements?
  • What are the constraints?

2. Review the Code

Review the code with the checklist above in mind.

3. Provide Feedback

When providing feedback:

  • Be specific and clear
  • Explain why a change is needed
  • Provide examples or suggestions when possible
  • Prioritize feedback (critical issues vs. minor improvements)
  • Be constructive and respectful

4. Follow Up

After the code has been updated:

  • Review the changes
  • Verify that issues have been addressed
  • Provide additional feedback if necessary

Common Issues to Look For

PHP Issues

  • Undefined variables or functions
  • Incorrect function parameters
  • Missing return statements
  • Improper error handling
  • Inefficient loops or conditionals
  • Hardcoded values that should be configurable

WordPress-Specific Issues

  • Incorrect hook usage
  • Missing or incorrect nonces
  • Missing capability checks
  • Direct database queries instead of using WordPress functions
  • Improper enqueuing of scripts and styles
  • Not using WordPress functions for common tasks

JavaScript Issues

  • Undefined variables or functions
  • Event listener memory leaks
  • jQuery conflicts
  • Browser compatibility issues
  • Missing error handling

CSS Issues

  • Browser compatibility issues
  • Specificity issues
  • Unused styles
  • Overriding WordPress admin styles inappropriately

Example Feedback

Good Feedback Example

In function `handle_remove_reference()`:

1. The nonce check is missing, which could lead to CSRF vulnerabilities. 
   Consider adding:
   ```php
   if (!isset($_GET['_wpnonce']) || !wp_verify_nonce($_GET['_wpnonce'], 'fpden_remove_reference')) {
       wp_die(__('Security check failed.', 'fix-plugin-does-not-exist-notices'));
   }

  1. The user capability check should be more specific. Instead of:

    if (!current_user_can('manage_options')) {

    Consider using:

    if (!current_user_can('activate_plugins')) {

    This is more appropriate for the action being performed.

  2. The success message should be translatable:

    // Change this:
add_settings_error('fpden', 'fpden_removed', 'Plugin reference removed successfully.', 'updated');

// To this:
add_settings_error('fpden', 'fpden_removed', __('Plugin reference removed successfully.', 'fix-plugin-does-not-exist-notices'), 'updated');


### Poor Feedback Example

This code has security issues and doesn't follow best practices. Fix it.