Update phpcs ignore statements

comments.php

@@ -29,11 +29,11 @@
 	?>
 		<h3 class="comments-title">
 			<?php
-				printf( // WPCS: XSS OK.
+				printf(
 					/* translators: the number of comments */
 					esc_html( _nx( '%1$s thought on &ldquo;%2$s&rdquo;', '%1$s thoughts on &ldquo;%2$s&rdquo;', get_comments_number(), 'comments title', '_s' ) ),
-					number_format_i18n( get_comments_number() ),
-					'<span>' . get_the_title() . '</span>'
+					number_format_i18n( get_comments_number() ), // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- XSS OK.
+					'<span>' . get_the_title() . '</span>' // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- XSS OK.
 				);
 			?>
 		</h3>

inc/extras.php

@@ -64,7 +64,8 @@ function _s_get_attachment_id_from_url( $attachment_url = '' ) {
 		$attachment_url = str_replace( $upload_dir_paths['baseurl'] . '/', '', $attachment_url );
 
 		// Do something with $result.
-		$attachment_id = $wpdb->get_var( $wpdb->prepare( "SELECT wposts.ID FROM $wpdb->posts wposts, $wpdb->postmeta wpostmeta WHERE wposts.ID = wpostmeta.post_id AND wpostmeta.meta_key = '_wp_attached_file' AND wpostmeta.meta_value = %s AND wposts.post_type = 'attachment'", $attachment_url ) ); // WPCS db call ok, cache ok, placeholder ok.
+		// phpcs:ignore phpcs:ignore WordPress.DB -- db call ok, cache ok, placeholder ok.
+		$attachment_id = $wpdb->get_var( $wpdb->prepare( "SELECT wposts.ID FROM $wpdb->posts wposts, $wpdb->postmeta wpostmeta WHERE wposts.ID = wpostmeta.post_id AND wpostmeta.meta_key = '_wp_attached_file' AND wpostmeta.meta_value = %s AND wposts.post_type = 'attachment'", $attachment_url ) );
 	}
 
 	return $attachment_id;

inc/hooks.php

@@ -177,7 +177,8 @@ function _s_display_customizer_header_scripts() {
 	}
 
 	// Otherwise, echo the scripts!
-	echo _s_get_the_content( $scripts ); // WPCS XSS OK.
+	// phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- XSS OK.
+	echo _s_get_the_content( $scripts );
 }
 add_action( 'wp_head', '_s_display_customizer_header_scripts', 999 );
 
@@ -198,7 +199,8 @@ function _s_display_customizer_footer_scripts() {
 	}
 
 	// Otherwise, echo the scripts!
-	echo _s_get_the_content( $scripts ); // WPCS XSS OK.
+	// phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- XSS OK.
+	echo _s_get_the_content( $scripts );
 }
 add_action( 'wp_footer', '_s_display_customizer_footer_scripts', 999 );
 

inc/scripts.php

@@ -19,8 +19,8 @@ function _s_scripts() {
 	/**
 	 * If WP is in script debug, or we pass ?script_debug in a URL - set debug to true.
 	 */
-	$debug = ( defined( 'SCRIPT_DEBUG' ) && true === SCRIPT_DEBUG ) || ( isset( $_GET['script_debug'] ) ) ? true : false; // WPCS: CSRF OK.
-
+	// phpcs:ignore WordPress.Security.NonceVerification -- CSRF OK
+	$debug = ( defined( 'SCRIPT_DEBUG' ) && true === SCRIPT_DEBUG ) || ( isset( $_GET['script_debug'] ) ) ? true : false;
 	/**
 	 * If we are debugging the site, use a unique version every page load so as to ensure no cache issues.
 	 */

inc/template-tags.php

@@ -38,7 +38,8 @@ function _s_posted_on() {
 		'<span class="author vcard"><a class="url fn n" href="' . esc_url( get_author_posts_url( get_the_author_meta( 'ID' ) ) ) . '">' . esc_html( get_the_author() ) . '</a></span>'
 	);
 
-	echo '<span class="posted-on">' . $posted_on . '</span><span class="byline"> ' . $byline . '</span>'; // WPCS: XSS OK.
+	 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- XSS OK.
+	echo '<span class="posted-on">' . $posted_on . '</span><span class="byline"> ' . $byline . '</span>';
 }
 
 /**
@@ -52,15 +53,17 @@ function _s_entry_footer() {
 		/* translators: used between list items, there is a space after the comma */
 		$categories_list = get_the_category_list( esc_html__( ', ', '_s' ) );
 		if ( $categories_list && _s_categorized_blog() ) {
+
 			/* translators: the post category */
-			printf( '<span class="cat-links">' . esc_html__( 'Posted in %1$s', '_s' ) . '</span>', $categories_list ); // WPCS: XSS OK.
+			printf( '<span class="cat-links">' . esc_html__( 'Posted in %1$s', '_s' ) . '</span>', $categories_list ); // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- XSS OK.
 		}
 
 		/* translators: used between list items, there is a space after the comma */
 		$tags_list = get_the_tag_list( '', esc_html__( ', ', '_s' ) );
 		if ( $tags_list ) {
+
 			/* translators: the post tags */
-			printf( '<span class="tags-links">' . esc_html__( 'Tagged %1$s', '_s' ) . '</span>', $tags_list ); // WPCS: XSS OK.
+			printf( '<span class="tags-links">' . esc_html__( 'Tagged %1$s', '_s' ) . '</span>', $tags_list ); // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- XSS OK.
 		}
 	}
 
@@ -299,7 +302,8 @@ function _s_display_social_network_links() {
 						?>
 						<span class="screen-reader-text">
 						<?php
-							echo /* translators: the social network name */ sprintf( esc_html( 'Link to %s', '_s' ), ucwords( esc_html( $network ) ) ); // WPCS: XSS OK.
+						 	// phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- XSS OK.
+							echo /* translators: the social network name */ sprintf( esc_html( 'Link to %s', '_s' ), ucwords( esc_html( $network ) ) );
 						?>
 						</span>
 					</a>
@@ -349,7 +353,10 @@ function _s_display_numeric_pagination( $args = array(), $query = null ) {
 	?>
 
 	<nav class="pagination-container container" aria-label="<?php esc_attr_e( 'numeric pagination', '_s' ); ?>">
-		<?php echo paginate_links( $args ); // WPCS: XSS OK. ?>
+		<?php
+		 	// phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped -- XSS OK.
+			echo paginate_links( $args );
+		?>
 	</nav>
 
 	<?php

template-parts/content-password-protected.php

@@ -15,7 +15,10 @@
 		</header><!-- .entry-header -->
 
 		<div class="entry-content">
-			<?php echo get_the_password_form(); // WPCS XSS OK. ?>
+			<?php
+				 // phpcs:ignore WordPress.Security.EscapeOutput.OutputNotEscaped
+				echo get_the_password_form();
+			?>
 		</div><!-- .entry-content -->
 
 	</article><!-- #post-## -->

template-parts/scaffolding/scaffolding-globals.php

@@ -14,7 +14,7 @@
 	<?php
 		// Theme colors.
 		_s_display_global_scaffolding_section(
-			array( // WPCS: XSS OK.
+			array(
 				'global_type' => 'colors',
 				'title'       => 'Colors',
 				'arguments'   => array(
@@ -29,7 +29,7 @@
 
 		// Theme fonts.
 		_s_display_global_scaffolding_section(
-			array( // WPCS: XSS OK.
+			array(
 				'global_type' => 'fonts',
 				'title'       => 'Fonts',
 				'arguments'   => array(