@GaryJones GaryJones commented Dec 14, 2025

This pull request modernises the plugin's development infrastructure by standardising CI workflows and introducing proper unit testing capabilities.

Summary

  • Standardise GitHub Actions with pinned SHA versions and security hardening
  • Reconfigure Dependabot for weekly updates with dependency grouping
  • Add Brain Monkey-based unit tests for isolated testing without WordPress
  • Add .distignore for cleaner release packages
  • Reorganise .gitignore with clear sections

Test plan

  • Verify unit tests pass via composer test:unit
  • Verify integration tests still work via composer test:integration
  • Check GitHub Actions workflows run correctly

🤖 Generated with Claude Code

@GaryJones GaryJones self-assigned this Dec 14, 2025
@GaryJones GaryJones added the type: maintenance Routine maintenance and code quality improvements label Dec 14, 2025
GaryJones and others added 3 commits December 14, 2025 01:19
Aligns CI configuration with Automattic plugin standards to improve security posture and reduce maintenance overhead across the plugin portfolio. These changes bring the repository in line with established patterns used in other a8c plugins, making it easier for the team to maintain consistent security practices and dependency update schedules.

The Dependabot configuration moves from daily to weekly updates with intelligent grouping of related dependencies, reducing PR noise whilst maintaining currency. GitHub Actions now use SHA-pinned references rather than mutable tags, preventing supply chain attacks where action maintainers could push malicious code to existing version tags. Template injection vulnerabilities in workflow commands are eliminated by using environment variables rather than direct context expansion. The addition of explicit permission blocks and credential persistence controls implements least privilege principles, ensuring workflows can only access the resources they genuinely require.

The yoast/wp-test-utils constraint is tightened to ^1.2 to ensure compatibility with the updated testing approach, whilst the integration workflow filename is simplified to match standard naming conventions across the plugin collection.

Standardises .gitignore with consistent patterns and adds .distignore
for WordPress.org release packaging. Development files like tests,
vendor, and node_modules are now properly excluded from distributions.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

Adds unit tests for Ad_Code_Manager class methods that can be tested
without WordPress, including validate_script_url() for URL whitelist
validation and filter_output_tokens() for token replacement logic.

Changes:
- Add tests/Unit/ directory with TestCase base class
- Add AdCodeManagerTest.php (10 tests) covering URL validation and
  token filtering
- Add tests/bootstrap.php to support both unit and integration tests
- Update phpunit.xml.dist to include Unit testsuite
- Add test:unit composer script
- Add phpunit ^9.6 to require-dev
- Rename test-integration to test:integration for consistency

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@GaryJones GaryJones force-pushed the standardize/configs-and-ci branch from f435d1d to 9f44b4d Compare December 14, 2025 01:19
Adds GitHub Actions workflow for running unit tests across multiple PHP
versions (7.4, 8.1, 8.2, 8.3). Unit tests run without WordPress using
Brain Monkey, enabling faster feedback on pure PHP logic.

Workflow is hardened with:
- Minimal permissions (contents: read)
- Pinned action versions with SHA
- persist-credentials: false

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@GaryJones GaryJones force-pushed the standardize/configs-and-ci branch from 9f44b4d to 947805c Compare December 14, 2025 01:22
@GaryJones GaryJones merged commit 83610a9 into develop Dec 14, 2025
30 of 31 checks passed
@GaryJones GaryJones deleted the standardize/configs-and-ci branch December 14, 2025 01:32
@GaryJones GaryJones added this to the 0.7.2 milestone Dec 14, 2025
@GaryJones GaryJones mentioned this pull request Dec 21, 2025