Plugin Check is a WordPress.org tool which provides checks to help plugins meet the directory requirements and follow various best practices.
Plugin Check is a tool for testing whether your plugin meets the required standards for the WordPress.org plugin directory. With this plugin you will be able to run most of the checks used for new submissions, and check if your plugin meets the requirements.
Additionally, the tool flags violations or concerns around plugin development best practices, from basic requirements like correct usage of internationalization functions to accessibility, performance, and security best practices.
The checks can be run either using the WP Admin user interface or WP-CLI:
wp plugin check
command. For example, to check the “Hello Dolly” plugin: wp plugin check hello.php
--require
argument of WP-CLI, to manually load the cli.php
file within the plugin checker directory before WordPress is loaded. For example: wp plugin check hello.php --require=./wp-content/plugins/plugin-check/cli.php
The checks are grouped into several categories, so that you can customize which kinds of checks you would like to run on a plugin.
Keep in mind that this plugin is not a replacement for the manual review process, but it will help you speed up the process of getting your plugin approved for the WordPress.org plugin repository, and it will also help you avoid some common mistakes.
Even if you do not intend to host your plugin in the WordPress.org directory, you are encouraged to use Plugin Check so that your plugin follows the base requirements and best practices for WordPress plugins.
plugin-check
folder to the /wp-content/plugins/
directory.All development for this plugin is handled via GitHub any issues or pull requests should be posted there.
We strive to write a plugin in a way that minimizes false positives but if you find one, please report it in the GitHub repo. For certain false positives, such as those detected by PHPCodeSniffer, you may be able to annotate the code to ignore the specific problem for a specific line.
It’s not flagging “bad” things, as such. Plugin Check is designed to be a non-perfect way to test for compliance with the Plugin Review guidelines, as well as additional plugin development best practices in accessibility, performance, security and other areas. Not all plugins must adhere to these guidelines. The purpose of the checking tool is to ensure that plugins uploaded to the central WordPress.org plugin repository meet the latest standards of WordPress plugin and will work on a wide variety of sites.
Many sites use custom plugins, and that’s perfectly okay. But plugins that are intended for use on many different kinds of sites by the public need to have a certain minimum level of capabilities, in order to ensure proper functioning in many different environments. The Plugin Review guidelines are created with that goal in mind.
This plugin checker is not perfect, and never will be. It is only a tool to help plugin authors, or anybody else who wants to make their plugin more capable. All plugins submitted to WordPress.org are hand-reviewed by a team of experts. The automated plugin checker is meant to be a useful tool only, not an absolute system of measurement.
To be approved in the WordPress.org plugin directory, a plugin must typically pass all checks in the “Plugin repo” category. Other checks are additional and may not be required to pass.
In any case, passing the checks in this tool likely helps to achieve a smooth plugin review process, but is no guarantee that a plugin will be approved in the WordPress.org plugin directory.
Enqueued_Scripts_Scope_Check
(enqueued_scripts_scope
), Enqueued_Styles_Size_Check
(enqueued_styles_size
) and Enqueued_Resources_Check
(enqueued_resources
) performance checks.wp_plugin_check_ignored_readme_warnings
filter.wp_plugin_check_default_categories
filter to change the categories which are selected by default.wp_plugin_check_ignore_files
filter to allow ignoring specific files.test-content
folder needed for runtime checks.argv
variable isn’t set.squizlabs/PHP_CodeSniffer
to use PHPCSStandards/PHP_CodeSniffer
.shell_exec
and exec
functions, which enables plugin developers to use PCP in a variety of new environments.contributor_ignored
for when running the check outside WP.org. Props @dev4press. #276readme.txt
has priority over readme.md
when both are present. Props @bordoni, @afragen #258PLUGIN_CHECK_PHP_BIN
constant.ALLOW_UNFILTERED_UPLOADS
on any PHP files – Props EvanHerman at #45.a
, .bin
, .bpk
, .deploy
, .dist
, .distz
, .dmg
, .dms
, .DS_Store
, .dump
, .elc
, .exe
, .iso
, .lha
, .lrf
, .lzh
, .o
, .obj
, .phar
, .pkg
, .sh
, ‘.so`) – Props EvanHerman at #43move_uploaded_file
, passthru
, proc_open
– Props alexsanford at #50Original version of the plugin check tool, not a released version of the plugin, this changelog is here for historical purposes only.