Welcome to WordPress VIP! This repository is a starting point for building your WordPress VIP application, including all the base directories.
👋 Just a quick reminder that this is a public repo. Please don't include any internal links or sensitive data (like PII, private code, customer names, site URLs, etc. Any fixes related to security should be discussed with Pla 8000 tform before opening a PR. If you're not sure if something is safe to share, please just ask!
We recommend starting with one of the following WordPress VIP guidebooks:
- Get Started
- Development on WordPress VIP
- Prepare for a Site Launch
modules/: Contains modular components of the security boost integration.utils/: Contains utility functions and helper classes.vip-config/: For custom configurations and additionalsunrise.phpchanges. This folder'svip-config.phpcan be used to supply things usually found inwp-config.php.
Key files in the root directory:
vip-security-boost.php: Main plugin fileclass-loader.php: Loads enabled modules for the integration
These directories and files are essential for the security boost integration to function properly. Any additional directories created in your GitHub repository that are not included in the above list will not be mounted onto your site, and so will not be web-accessible.
For more information on how our codebase is structured, see https://docs.wpvip.com/technical-references/vip-codebase/.
The docs/ directory is a special directory that contains your documentation for your application. It is not mounted onto your site, but is available for you to use. See docs/index.php for more information.
We utilize PHPUnit 9 for unit tests. For an example of a test suite please refer to the /tests/phpunit folder.
To run the unit tests, execute the following command from the project root:
composer testThis script uses Docker to run the tests in an isolated environment.
When testing classes defined within the modules/ directory, ensure they are correctly autoloaded for the test environment. Add the necessary file paths to the autoload-dev section in composer.json:
"autoload-dev": {
"files": [
"modules/inactive-users/inactive-users.php"
]
},After modifying composer.json, regenerate the autoload files:
composer dump-autoloadNote: If a module class file includes a global initialization call (e.g., My_Class::init(); at the end of the file), it might run before the test's setUp method configures necessary constants or settings. If you encounter test failures related to incorrect configuration, you may need to explicitly re-run the class's initialization method at the beginning of the affected test method(s).
For end-to-end tests we use Playwright. Examples can be found in /tests/e2e.
Psalm is a free & open-source static analysis tool that helps you identify problems in your code.
Please note, for Psalm to work properly you will need to annotate your PHP code. For examples please refer to /plugins/auth-monitoring.
Linting and coding standards are powered by PHP_CodeSniffer (commonly known as PHPCS) along with WordPress VIP and WordPress core rulesets.
For more information please refer to the linting documentation.
To check the codebase for coding standards violations, run:
composer lintTo automatically fix many of the reported violations, run:
composer formatIf you need help with anything, VIP's support team is just a ticket away.
Feel free to add to or replace this README.md content with content unique to your project, for example:
- Project-specific notes; like a list of VIP environments and branches,
- Workflow documentation; so everyone working in this repo can follow a defined process, or
- Instructions for testing new features.
This can be detailed in the docs/ directory.