Closed westonruter closed 3 years ago
@westonruter Good catch and thanks for reporting. We'll get that fixed up over the next few days. Sorry for the noisy messages for the time being.
@westonruter PR #668 should fix this. If you have a chance, testing would be appreciated.
Bug Description
When updating from 2.2.0 to 2.3.0 we got a lot of false positives of
notAttrEscAttr
in theProperEscapingFunction
sniff whereprintf()
orsprintf()
are being used. For example:This code is getting flagged with:
See other such instances in the PR's check annotations: https://github.com/ampproject/amp-wp/pull/6079/files
Minimal Code Snippet
See above.
Error Code
WordPressVIPMinimum.Security.ProperEscapingFunction.notAttrEscAttr
Environment
Use
php -v
andcomposer show
to get versions.Additional Context (optional)
Tested Against
master
branch?master
branch of VIPCS.develop
branch of VIPCS.