WPScan fixes: Changes to file path and addon location, update tests

[gudmdharalds]

This pull request brings in a few fixes for the WPScan API integration.

TODO:

• [x] Fixes:
  • [x] File path and addon location are calculated directly from repository data.
• [x] Add/update tests -- unit and/or integrated (if needed)
  • [x] Update tests in relation to path and add-on location changes.
  • [x] Add slugs to tests.
• [x] Add to, or update, Scan run detail report as applicable
• [x] Check status of automated tests
  • [x] Run integration tests manually (see comment).
• [x] Ensure PHPDoc comments are up to date for functions added or altered
• [x] Changelog entry (for VIP) [ #333 ]

[wpcomvip-vipgoci-bot]

No issues were found to report when scanning latest commit (commit-ID: 3672e6d890277d7779b235ea5c9d1e63e06cf1c7)

---

This bot provides automated PHP linting and PHPCS scanning. For more information about the bot and available customizations, see our documentation.

---

---

Scan run detail

Software versions vip-go-ci version: 1.3.3 PHP runtime version for vip-go-ci: 8.1.14 PHP runtime for linting: PHP 8.1: 8.1.14 PHP runtime version for PHPCS: 7.4.33 PHPCS version: 3.7.1 PHP runtime version for SVG scanner: 7.4.33 Options file (.vipgoci_options) Options file enabled: true Configurable options: skip-execution skip-draft-prs lint-modified-files-only phpcs phpcs-severity phpcs-sniffs-include phpcs-sniffs-exclude report-no-issues-found review-comments-sort review-comments-include-severity post-generic-pr-support-comments review-comments-sort scan-details-msg-include svg-checks autoapprove autoapprove-php-nonfunctional-changes Options altered: phpcs-severityset to1 phpcs-sniffs-includeset toGeneric.PHP.DisallowShortOpenTag, Squiz.PHP.CommentedOutCode phpcs-sniffs-excludeset toWordPress.Security.EscapeOutput, WordPress.PHP.DevelopmentFunctions, WordPress.WP.AlternativeFunctions, WordPress.PHP.DiscouragedPHPFunctions, WordPress.Files.FileName, Squiz.Commenting.FileComment, Generic.PHP.Syntax skip-draft-prsset to

PHP lint options PHP lint files enabled: true Lint modified files only: true Lint files with file extensions: php Directories not PHP linted: None SVG configuration SVG scanning enabled: true Scan added/modified files with file extensions: svg Auto-approval configuration Auto-approvals enabled: true Non-functional changes auto-approved: true Files with file extensions to consider for non-functional change auto-approval: php Auto-approved file-types: css csv eot gif gz ico ini jpeg jpg json less map md mdown mo mp4 otf pcss pdf po pot png sass scss styl ttf txt woff woff2 yml

PHPCS configuration PHPCS scanning enabled: true PHPCS severity level: 1 Standard(s) used: PHPCompatibility PHPCompatibilityParagonieRandomCompat PHPCompatibilityParagonieSodiumCompat VariableAnalysis WordPress Runtime set: testVersion 8.1- Scan added/modified files with file extensions: php js twig Custom sniffs included: Generic.PHP.DisallowShortOpenTag Squiz.PHP.CommentedOutCode Custom sniffs excluded: WordPress.Security.EscapeOutput WordPress.PHP.DevelopmentFunctions WordPress.WP.AlternativeFunctions WordPress.PHP.DiscouragedPHPFunctions WordPress.Files.FileName Squiz.Commenting.FileComment Generic.PHP.Syntax Directories not PHPCS scanned: None WPScan API configuration WPScan API scanning enabled: true WPScan API URL: https://wpscan.com/api/v3 Directories scanned: plugins client-mu-plugins themes Directories not scanned: None Scan added/modified plugins based on headers present in files with file extensions: php Scan added/modified themes based on headers present in files with file extensions: css

[gudmdharalds]

The integration tests fail due to GitHub HTTP request rate limit.This is not easy to fix, but is on the agenda to resolve. Ran the tests manually and they passed.