wpallstars/wp-plugin-starter-template-for-ai-coding
Template
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
wp-plugin-starter-template-…/.ai-workflows/code-review.md
marcusquinn 342eefd471
Some checks failed
Tests / PHP 7.0 (push) Has been cancelled
Details
Tests / PHP 7.4 (push) Has been cancelled
Details
Tests / PHP 8.0 (push) Has been cancelled
Details
Tests / Code Style (push) Has been cancelled
Details
Release / Build and Release (push) Has been cancelled
Details
Update documentation with AI IDE context recommendations and improve starter prompt
2025-04-18 03:57:43 +01:00

164 lines
4.4 KiB
Markdown
Raw Permalink Blame History

# Code Review Guide for AI Assistants
This document provides guidance for AI assistants to help with code review for the Fix Plugin Does Not Exist Notices plugin.
## Code Review Checklist
When reviewing code, check for the following:
### Functionality
- [ ] Does the code work as expected?
- [ ] Does it handle edge cases appropriately?
- [ ] Are there any logical errors?
- [ ] Is error handling implemented properly?
### Code Quality
- [ ] Does the code follow WordPress coding standards?
- [ ] Is the code well-organized and easy to understand?
- [ ] Are there any code smells (duplicate code, overly complex functions, etc.)?
- [ ] Are functions and variables named appropriately?
- [ ] Are there appropriate comments and documentation?
### Security
- [ ] Is user input properly validated and sanitized?
- [ ] Is output properly escaped?
- [ ] Are capability checks used for user actions?
- [ ] Are nonces used for form submissions?
- [ ] Are there any potential SQL injection vulnerabilities?
- [ ] Are there any potential XSS vulnerabilities?
### Performance
- [ ] Are there any performance bottlenecks?
- [ ] Are database queries optimized?
- [ ] Is caching used appropriately?
- [ ] Are assets (CSS, JS) properly enqueued?
### Compatibility
- [ ] Is the code compatible with the minimum supported WordPress version (5.0)?
- [ ] Is the code compatible with the minimum supported PHP version (7.0)?
- [ ] Are there any browser compatibility issues?
- [ ] Are there any conflicts with other plugins?
### Internationalization
- [ ] Are all user-facing strings translatable?
- [ ] Is the correct text domain used?
- [ ] Are translation functions used correctly?
### Accessibility
- [ ] Does the code follow accessibility best practices?
- [ ] Are ARIA attributes used appropriately?
- [ ] Is keyboard navigation supported?
- [ ] Is screen reader support implemented?
## Code Review Process
### 1. Understand the Context
Before reviewing code, understand:
- What problem is the code trying to solve?
- What are the requirements?
- What are the constraints?
### 2. Review the Code
Review the code with the checklist above in mind.
### 3. Provide Feedback
When providing feedback:
- Be specific and clear
- Explain why a change is needed
- Provide examples or suggestions when possible
- Prioritize feedback (critical issues vs. minor improvements)
- Be constructive and respectful
### 4. Follow Up
After the code has been updated:
- Review the changes
- Verify that issues have been addressed
- Provide additional feedback if necessary
## Common Issues to Look For
### PHP Issues
- Undefined variables or functions
- Incorrect function parameters
- Missing return statements
- Improper error handling
- Inefficient loops or conditionals
- Hardcoded values that should be configurable
### WordPress-Specific Issues
- Incorrect hook usage
- Missing or incorrect nonces
- Missing capability checks
- Direct database queries instead of using WordPress functions
- Improper enqueuing of scripts and styles
- Not using WordPress functions for common tasks
### JavaScript Issues
- Undefined variables or functions
- Event listener memory leaks
- jQuery conflicts
- Browser compatibility issues
- Missing error handling
### CSS Issues
- Browser compatibility issues
- Specificity issues
- Unused styles
- Overriding WordPress admin styles inappropriately
## Example Feedback
### Good Feedback Example
```
In function `handle_remove_reference()`:
1. The nonce check is missing, which could lead to CSRF vulnerabilities.
Consider adding:
```php
if (!isset($_GET['_wpnonce']) || !wp_verify_nonce($_GET['_wpnonce'], 'fpden_remove_reference')) {
wp_die(__('Security check failed.', 'fix-plugin-does-not-exist-notices'));
}
```
2. The user capability check should be more specific. Instead of:
```php
if (!current_user_can('manage_options')) {
```
Consider using:
```php
if (!current_user_can('activate_plugins')) {
```
This is more appropriate for the action being performed.
3. The success message should be translatable:
```php
// Change this:
add_settings_error('fpden', 'fpden_removed', 'Plugin reference removed successfully.', 'updated');
// To this:
add_settings_error('fpden', 'fpden_removed', __('Plugin reference removed successfully.', 'fix-plugin-does-not-exist-notices'), 'updated');
```
```
### Poor Feedback Example
```
This code has security issues and doesn't follow best practices. Fix it.
```
Reference in New Issue View Git Blame Copy Permalink